#ident "@(#)ETC:$Name$:$Id$" # # hosts.allow - tcp_wrappers / libwrap.a control # # See also both hosts_access(5) and hosts_options(5). # rpcbind:PARANOID:DENY rpcbind:0.0.0.0, 127.0.0.1, 10.0.1.0/255.255.255.0, 204.92.254.0/255.255.255.0 :ALLOW rpcbind:ALL:DENY # snmpd:PARANOID:DENY snmpd:127.0.0.1, 10.0.1.0/255.255.255.0, 204.92.254.0/255.255.255.0, 204.29.161.0/255.255.255.0 :ALLOW snmpd:ALL:DENY # tftpd:PARANOID:DENY tftpd:204.92.254.0/255.255.255.0:ALLOW tftpd:10.0.1.0/255.255.255.0:ALLOW tftpd:ALL:rfc931:spawn ((echo "%s[%p] refused connection from %c\n\n"; /usr/bin/finger -l @%h) | /usr/bin/Mail -s "tftp attempt" staff) &:severity auth.notice:DENY # # NOTE: these are not needed with the new fingerd #fingerd:PARANOID:rfc931:banners /etc/banners-deny:DENY #fingerd:ALL:banners /etc/banners:ALLOW # ftpd:PARANOID:rfc931:banners /etc/banners-deny:DENY ftpd:ALL:rfc931:banners /etc/banners:ALLOW # rlogind:PARANOID:rfc931:banners /etc/banners-deny:DENY rlogind:ALL:rfc931:banners /etc/banners:ALLOW # # NOTE: the 'paranoid' check is not needed if you use "rshd -a" #rshd:PARANOID:rfc931:DENY rshd:ALL:rfc931:ALLOW # telnetd:PARANOID:rfc931:banners /etc/banners-deny:DENY telnetd:ALL:rfc931:banners /etc/banners:ALLOW