How to refuse connect to a daemon?


Donovan
12-15-2000, 08:54 PM
Hosts.allow / deny will control access to inetd services.

How can I do the same for daemons? I would like to deny all access to a daemon (portmap). How could I do this?

Thanks,
Donov

PLBlaze
12-15-2000, 09:08 PM
Simply put ALL:ALL in /etc/hosts.deny to deny all access to daemons. If you need to use NFS on your internal network, edit /etc/hosts.allow and put portmap: 192.168.0.1; just make sure to use the correct IP for your NIC. Hope this helps.

Donovan
12-15-2000, 09:22 PM
ok here is my hosts.deny:


# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
# See the manual pages hosts_access(5), hosts_options(5)
# and /usr/doc/netbase/portmapper.txt.gz
#
# Example: ALL: some.host.name, .some.domain
# ALL EXCEPT in.fingerd: other.host.name, .other.domain
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper. See portmap(8)
# and /usr/doc/netbase/portmapper.txt.gz for further information.
#
# The PARANOID wildcard matches any host whose name does not match its
# address.
ALL: ALL

Does this all: all also cover the portmap daemon? Why does it talk about specific instructions for this daemon?

Thanks,
Donov

PLBlaze
12-15-2000, 09:33 PM
Yes, ALL: ALL does cover portmap, so does portmap: ALL or ALL: ALL :PARANOID. See, you have the choice to use whatever option you need...

I'd suggest reading the NFS HOWTO at www.linuxdoc.org (http://www.linuxdoc.org); also try reading man hosts.allow, man hosts.deny and man portmap...

<edit>
Why are they talking about portmap?
Because if you don't use ALL: ALL, a portmap: xxx.xxx.xxx.xxx rule needs to be used then... man, now I'm getting all confused

[This message has been edited by PLBlaze (edited 15 December 2000).]