[clug] Starting k/ubuntu - Debian

Craig Small csmall at enc.com.au
Mon May 14 22:30:10 GMT 2007


On Mon, May 14, 2007 at 04:46:18PM +1000, Andrew Janke wrote:
>   # sudo echo "ALL:ALL" > /etc/hosts.deny
> Or am I missing something?

I recall, a long time ago, that some vulnerabilities could still get hit
even with this, as there is still some code run from the accept() call
to the bit where you are checking the access control.

If you have something like that, why have the port open for exploitation
in the first place?  I also find moving the ssh port greatly reduces the
number of automatic worms that try things.  OK, it's not going to stop
someone deliberately targeting me, but the worms just try port 22 for
ssh attacks.

 - Craig
-- 
Craig Small      GnuPG:1C1B D893 1418 2AF4 45EE  95CB C76C E5AC 12CA DFA5
http://www.enc.com.au/                             csmall at : enc.com.au
http://www.debian.org/          Debian GNU/Linux, software should be Free 


More information about the linux mailing list