Besides a firewall and SELinux, there are other ways to protect the services on your RHEL system from attackers; one of them is tcp_wrappers. The library (libwrap) ships with the system and is consulted by every daemon that is linked against it, as well as by everything started through xinetd; a daemon that is not linked against libwrap ignores it completely, so check with "ldd /usr/sbin/sshd | grep libwrap" before relying on it for a given service. tcp_wrappers is driven by two files, /etc/hosts.allow and /etc/hosts.deny, which are evaluated in the following order for each incoming connection:
1. The system first searches /etc/hosts.allow. If tcp_wrappers finds a matching rule, access is granted and no further search is done.
2. Otherwise it searches /etc/hosts.deny. If tcp_wrappers finds a matching rule, access is denied.
3. If neither file contains a matching rule, access is granted. Because the default is to allow, a deny-by-default policy needs an explicit "ALL : ALL" rule at the end of /etc/hosts.deny.
Sample rules
Each rule has the form "daemon_list : client_list". You can list several services in one rule by separating them with commas, and you can carve an exception out of either list with the EXCEPT operator. The daemon name must be the process name of the server (in.telnetd, in.tftpd, sshd on RHEL), not the service name from /etc/services; a pattern that names a daemon which does not exist never matches anything.
Below is the example code for hosts.allow:

#hosts.allow
ALL : .example.com
in.telnetd : 192.168.0.0/255.255.255.0 EXCEPT 192.168.0.79
sshd, in.tftpd : 192.168.1.10

The first line is just a comment. The second line lets any host whose name ends in .example.com access every service. The third line grants telnet (the daemon is in.telnetd on RHEL, so a pattern of plain "telnetd" would never match) to every host on the 192.168.0.0/24 network except 192.168.0.79. The last line grants ssh and tftp to the single address 192.168.1.10. Keep in mind that hosts.allow only ever grants access; whether everyone else is kept out depends entirely on hosts.deny.
Below is the example code for hosts.deny:

#hosts.deny
ALL EXCEPT in.tftpd : .example.org
in.telnetd : ALL EXCEPT 192.168.1.10
ALL : ALL

The first rule denies every service except tftp to hosts in .example.org. The second rule denies telnet to everyone except 192.168.1.10. The final "ALL : ALL" denies anything that was not already granted by hosts.allow, which turns the configuration into deny-by-default. Note that the two EXCEPT carve-outs in this file do not grant anything: a connection that is not matched in hosts.allow and slips past the first two deny rules is still caught by "ALL : ALL", so with these two files tftp from .example.org and telnet from 192.168.1.10 are both refused. An exception only takes effect when it is listed in hosts.allow.

You can check a rule set without opening a connection: "tcpdmatch in.telnetd 192.168.0.79" prints which file and line matched and whether access would be granted or denied, and "tcpdchk" reports syntax problems in the two files.
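To make the three-step order and the two sample files above concrete, here is a small model of the tcp_wrappers decision. It is an added example, not code from this page or from tcp_wrappers itself; it implements only the subset of the hosts_access(5) grammar used above (ALL, LOCAL, a leading "." domain suffix, a trailing "." address prefix, net/mask, exact address or host name, comma lists and EXCEPT), and the two file contents are constructed copies of the samples on this page. It also shows why the EXCEPT entries in hosts.deny never grant anything once "ALL : ALL" is present.

```python
"""Model of the tcp_wrappers access decision (hosts_access(5)).

Added example, not code from the page or from tcp_wrappers itself: it
implements the subset of the rule grammar the page uses so the three-step
order (hosts.allow first, then hosts.deny, then default allow) can be run
against the page's two sample files without a libwrap-linked daemon.
"""
import ipaddress

# Constructed copies of the two sample files shown above.
HOSTS_ALLOW = """\
# hosts.allow
ALL : .example.com
in.telnetd : 192.168.0.0/255.255.255.0 EXCEPT 192.168.0.79
sshd, in.tftpd : 192.168.1.10
"""

HOSTS_DENY = """\
# hosts.deny
ALL EXCEPT in.tftpd : .example.org
in.telnetd : ALL EXCEPT 192.168.1.10
ALL : ALL
"""


def parse_list(text):
    """Parse 'a, b EXCEPT c EXCEPT d' into (items, exception_or_None).

    As in hosts_access(5), everything after the first EXCEPT is itself a
    list, so 'a EXCEPT b EXCEPT c' means a except (b except c).
    """
    head, sep, tail = text.partition(" EXCEPT ")
    return head.replace(",", " ").split(), (parse_list(tail) if sep else None)


def parse_rules(text):
    """Return [(daemon_list, client_list), ...] for one access-control file.

    Comments and blank lines are skipped; an optional third field
    (shell_command) is accepted and ignored. IPv6 client patterns in
    [brackets] are outside this model.
    """
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = [f.strip() for f in line.split(":", 2)]
        if len(fields) < 2:
            raise ValueError(f"malformed rule: {raw!r}")
        rules.append((parse_list(fields[0]), parse_list(fields[1])))
    return rules


def daemon_match(pattern, daemon):
    """Daemon patterns are ALL or the server's process name (argv[0])."""
    return pattern == "ALL" or pattern == daemon


def client_match(pattern, client):
    """Client patterns from hosts_access(5); client is (address, hostname)."""
    addr, host = client
    if pattern == "ALL":
        return True
    if pattern == "LOCAL":                      # host name without a dot
        return host is not None and "." not in host
    if pattern.startswith("."):                 # domain suffix, e.g. .example.com
        return host is not None and host.endswith(pattern)
    if pattern.endswith("."):                   # address prefix, e.g. 192.168.
        return addr.startswith(pattern)
    if "/" in pattern:                          # net/mask or net/prefixlen
        return ipaddress.ip_address(addr) in ipaddress.ip_network(pattern, strict=False)
    return pattern == addr or pattern == host   # exact address or host name


def list_matches(parsed, value, match):
    """A list matches when some item matches and the EXCEPT part does not."""
    items, exception = parsed
    if not any(match(p, value) for p in items):
        return False
    return exception is None or not list_matches(exception, value, match)


def decide(daemon, addr, host=None, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """Return (granted, reason): first match in hosts.allow grants, then
    first match in hosts.deny denies, and no match at all grants."""
    client = (addr, host)
    for name, text, verdict in (("hosts.allow", allow, True),
                                ("hosts.deny", deny, False)):
        for number, (daemons, clients) in enumerate(parse_rules(text), 1):
            if (list_matches(daemons, daemon, daemon_match)
                    and list_matches(clients, client, client_match)):
                return verdict, f"{name} rule {number}"
    return True, "no match in either file"


def hosts_access(daemon, addr, host=None, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """True if the connection is granted, False if it is refused."""
    return decide(daemon, addr, host, allow, deny)[0]


if __name__ == "__main__":
    cases = [
        ("in.telnetd", "192.168.0.20", None),        # hosts.allow rule 2 grants
        ("in.telnetd", "192.168.0.79", None),        # EXCEPT in allow, deny rule 2 refuses
        ("in.telnetd", "192.168.1.10", None),        # EXCEPT in deny grants nothing: ALL : ALL
        ("in.tftpd", "10.1.1.1", "ftp.example.org"),  # same: caught by ALL : ALL
        ("sshd", "192.168.1.10", None),              # hosts.allow rule 3 grants
    ]
    for case in cases:
        print(case, decide(*case))
```

Running the script prints the verdict and the rule that produced it for each constructed connection; decide() is the equivalent of what "tcpdmatch daemon client" reports on a real system, and passing deny="" shows the built-in default of granting access when neither file matches.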