You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 369 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
man hosts.deny
SecuritySo you want to ban IP addresses in your /etc/hosts.deny file after you've seen our IP Ban list. You'd like to use wildcards or certain patterns instead of the entire IP, and don't know how? I've taken the liberty to run a "man hosts.deny" on my server. Here are the results...

The access control language implements the following patterns:
  1. A string that begins with a `.' character. A host name is matched if the last components of its name match the specified pattern. For example, the pattern `.tue.nl' matches the host name `wzv.win.tue.nl'.
  2. A string that ends with a `.' character. A host address is matched if its first numeric fields match the given string. For example, the pattern `131.155.' matches the address of (almost) every host on the Eindhoven Univer- sity network (131.155.x.x).
  3. A string that begins with an `@' character is treated as an NIS (formerly YP) netgroup name. A host name is matched if it is a host member of the specified netgroup. Netgroup matches are not supported for daemon process names or for client user names.
  4. An expression of the form `n.n.n.n/m.m.m.m' is interpreted as a `net/mask' pair. An IPv4 host address is matched if `net' is equal to the bitwise AND of the address and the `mask'. For example, the net/mask pattern `131.155.72.0/255.255.254.0' matches every address in the range `131.155.72.0' through `131.155.73.255'.
  5. An expression of the form `[n:n:n:n:n:n:n:n]/m' is interpreted as a `[net]/prefixlen' pair. An IPv6 host address is matched if `prefixlen' bits of `net' is equal to the `prefixlen' bits of the address. For example, the [net]/prefixlen pattern `[3ffe:505:2:1::]/64' matches every address in the range `3ffe:505:2:1::' through `3ffe:505:2:1:ffff:ffff:ffff:ffff'.
  6. A string that begins with a `/' character is treated as a file name. A host name or address is matched if it matches any host name or address pattern listed in the named file. The file format is zero or more lines with zero or more host name or address patterns separated by whitespace. A file name pattern can be used anywhere a host name or address pattern can be used.
  7. Wildcards `*' and `?' can be used to match hostnames or IP addresses. This method of matching cannot be used in conjunction with `net/mask' matching, hostname matching beginning with `.' or IP address matching ending with `.'.
Now for some wildcards:
  1. ALL The universal wildcard, always matches.
  2. LOCAL Matches any host whose name does not contain a dot character.
  3. UNKNOWN Matches any user whose name is unknown, and matches any host whose name or address are unknown. This pattern should be used with care: host names may be unavailable due to temporary name server problems. A network address will be unavailable when the software cannot figure out what type of network it is talking to.
  4. KNOWN Matches any user whose name is known, and matches any host whose name and address are known. This pattern should be used with care: host names may be unavailable due to temporary name server problems. A network address will be unavailable when the software cannot figure out what type of network it is talking to.
  5. PARANOID Matches any host whose name does not match its address. When tcpd is built with -DPARANOID (default mode), it drops requests from such clients even before looking at the access control tables. Build without -DPARANOID when you want more control over such requests.
Posted on Friday, July 18 @ 10:41:56 CEST by Zhen-Xjell
 
Related Links
· Computer Cops
· More about Security
· News by Zhen-Xjell


Most read story about Security:
PHP-Nuke admin.php security hole - PATCHED

Article Rating
Average Score: 4
Votes: 1


Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend

Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: man hosts.deny (Score: 1)
by sharlein on Friday, July 18 @ 13:26:13 CEST
(User Info | Send a Message)
Zhen, I am lost here. Does the host.deny file work if you rent server space? If so, how do I create one? Thank you



Re: man hosts.deny (Score: 1)
by Zhen-Xjell on Saturday, July 19 @ 11:06:01 CEST
(User Info | Send a Message) http://castlecops.com
Yes:

ALL: xxx.xxx.xxx.xxx
ALL: yyy.yyy.yyy.yyy

etc... for a single IP address. Or:

ALL: 200.

for all 200 level IPs.



Re: man hosts.deny (Score: 1)
by georgiaguy on Saturday, July 19 @ 10:12:34 CEST
(User Info | Send a Message)
dammit..it droped the tags....

basically, i was asking, should we use:

ALL: --ip address--

or just list the IP addresses?



Re: man hosts.deny (Score: 1)
by georgiaguy on Saturday, July 19 @ 10:11:35 CEST
(User Info | Send a Message)
so which format would be the best for the hosts.deny file? the reason i'm asking is that i'm scripting up a perl script that will grab the list and automagically update the /etc/hosts.deny file with the latest info. i was thinking something like this:

ALL:

or would it be more correct to just list the IP addresses?


Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.033 Seconds - 279 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::