Sharing hosts.deny

[Ahmed Kamal]

On 10/25/2010 01:05 PM, James Gray wrote:
> On 25/10/2010, at 12:41 PM, Michael wrote:
>
>> On 10/22/2010 01:16 AM, Tapas Mishra wrote:
>>> I wanted to know if there is any place where people have shared these
>>> IPs which needs to be blocked I feel most of the time the entries must
>>> be common though not always.So if hosts.deny file is shared some where
>>> then give a link.(I do use auth.log to note IPs to block)
>>>
>>>
>> I have a bunch of entries in my hosts file with the 127.0.0.1 line
>> added.  I have always seen the hosts.deny and hosts.allow files  but
>> never know how to use them.  When I google hosts.deny it says something
>> about blocking a range of IP addresses.  Is it safe to assume that using
>> hosts.deny is more effective/better than just adding entries to the
>> hosts file?
> The /etc/hosts.{allow,deny} are part of tcp wrappers (ie, inetd/xinetd) and have very little to do with host resolution (which is what /etc/hosts is for).  Normally, when I need to block an IP address I throw it at iptables (the firewall) which is the correct place for it in a lot of (read "most") situations.
>
Don't know what the general consensus is, but I've almost never really 
used hosts.deny in real production. iptables just does everything I 
need. OP might want to consider this