One security tip I got years ago was to turn off all access by setting the file /etc/hosts.deny like this: ALL:ALL And then in /etc/hosts.allow, I allow in only specific services and specific ip address ranges that I want to allow. For example, I usually allow only ssh connections from a few specific places: ALL: 127.0.0.1 sshd: 24.124. sshd: 129.237. sshfwd-X11: 24.124. sshfwd-X11: 129.237. This has served me well to keep out other users and protect myself from starting services that I don't want. Now in FC6 I notice that xinetd is not installed and so these host files have no effect. of course, I can install xinetd, but I'm suspecting that the FC6 designers want me to do something else in order to control access. How does one achieve the same effect without using xinetd? -- Paul E. Johnson Professor, Political Science 1541 Lilac Lane, Room 504 University of Kansas
