Hi y’all!
Could someone enlighten me about hosts.allow & hosts.deny please?
I was reading up on Linux networking, and it said I should consider the contents of these files. So networking aside, I've read up a bit and am a lot confused.
As far as I can find:
1) if there's a match in hosts.allow, an address is allowed to contact the machine;
2) if no match in 1), then if there's a match in hosts.deny, the address is not allowed to contact the machine;
3) if no match in 1) or 2), then the address is allowed to contact the machine.
Is this right so far?
If so, what's typically in hosts.deny? I ask because I've obviously edited this in the past - I have a vague recollection of doing it because I couldn't get anything working and I just stripped it all out - I know - a very very bad idea.
All I've got in there is:
ALL:
ALL: ::1
As far as I can figure out, the first line, ALL: would do nothing. ALL: ::1 I think would block all IPv6 addresses from contacting.
Is my interpretation of the above right?
What's typically in the hosts.deny for a server? If it's set up to block by default, then what should I enable? Is it sufficient to use netstat to work out what's listening for a conversation and just allow these things if I think they should be allowed? If so, what's the correct use of netstat to find out?
If I have things running as cron jobs rather than as a daemon to check things, do I have to specifically allow these to contact the outside world, or is hosts.allow/deny just for daemons?
Lastly, does this work like a firewall? As I have firewall already set up, is it a good idea to spend time on hosts.allow/deny as well?
Any advice appreciated muchly! Steve
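The three-step lookup order described in the post, as an added example that is not part of the original post: a simplified Python model of the hosts_access(5) decision, not tcpd itself. The function names and the sample rules are constructed for illustration, and only the ALL wildcard, exact IPv4 addresses and trailing-dot prefixes such as `192.168.1.` are modelled.

```python
# Simplified model of the hosts.allow / hosts.deny decision order.
# Assumption: rules are plain "daemon_list : client_list" lines with no
# options, shell commands, hostnames or IPv6 addresses.

def parse_rules(text):
    """Return a list of (daemon_patterns, client_patterns) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments and blanks
        if not line or ":" not in line:
            continue
        daemons, clients = line.split(":", 1)
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def _match(patterns, value):
    """True if any pattern is ALL, an exact match, or a trailing-dot prefix."""
    for p in patterns:
        if p == "ALL" or p == value:
            return True
        if p.endswith(".") and value.startswith(p):
            return True
    return False

def matches(rules, daemon, client):
    return any(_match(d, daemon) and _match(c, client) for d, c in rules)

def decide(allow_text, deny_text, daemon, client):
    """Apply the order: hosts.allow first, then hosts.deny, else allow."""
    if matches(parse_rules(allow_text), daemon, client):
        return "allow (hosts.allow match)"
    if matches(parse_rules(deny_text), daemon, client):
        return "deny (hosts.deny match)"
    return "allow (no match in either file)"

# Constructed sample files: deny everything, then allow selected clients.
HOSTS_ALLOW = """
sshd: 192.168.1.      # LAN clients may reach sshd
ALL: 127.0.0.1        # local connections to any wrapped service
"""
HOSTS_DENY = "ALL: ALL\n"

if __name__ == "__main__":
    for daemon, client in [("sshd", "192.168.1.20"), ("sshd", "203.0.113.5"),
                           ("vsftpd", "127.0.0.1")]:
        print(daemon, client, "->", decide(HOSTS_ALLOW, HOSTS_DENY, daemon, client))
    # With an empty hosts.deny, the unmatched client falls through to allow.
    print("sshd 203.0.113.5 ->", decide(HOSTS_ALLOW, "", "sshd", "203.0.113.5"))
```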