On Mon, 10 Sep 2007 15:04:47 -0500, Moe Trin wrote:


>
>>Then, is changing /etc/hosts.allow and /etc/hosts.deny always useful?
>
> /bin/netstat -anptu


I now use it


> Is anything listening? Does what-ever application is listening know
> about tcp_wrappers or libwrap?
>


No



>>is the full stop a misprint or not?
>
> [compton ~]$ whatis hosts_access tcpd hosts_access (3) - access
> control library hosts_access (5) - format of host access
> control files tcpd (8) - access control facility for
> internet services [compton ~]$
>
> man 5 hostaccess
>
> o A string that ends with a `.' character. A host address is
> matched if its first numeric fields match the given
> string. For example, the pattern `131.155.' matches the
> address of (almost) every host on the Eindhoven University
> network (131.155.x.x).
>
> Thus, '127.' matches 127.0.0.0 - 127.255.255.255.


That is very interesting, I thank you, also for your sentence "Firewalls
are always software", it changed completely my point of view about
firewalls.