{"id":75,"date":"2017-04-28T18:14:13","date_gmt":"2017-04-28T18:14:13","guid":{"rendered":"http:\/\/www.linuxauthority.com\/wordpress\/?p=75"},"modified":"2017-04-28T18:14:13","modified_gmt":"2017-04-28T18:14:13","slug":"use-tcp-wrappers-with-care","status":"publish","type":"post","link":"https:\/\/www.linuxauthority.com\/wordpress\/?p=75","title":{"rendered":"Use TCP wrappers with care"},"content":{"rendered":"\n<!-- ALL ADSENSE ADS DISABLED -->\n<p>Real life story.<\/p>\n<p>&nbsp;<\/p>\n<p>DMZ based server dedicated to SFTP was configured with sshd rules in \/etc\/hosts.allow<br \/>\nsshd : ALL@16.89.97.*:ALLOW<br \/>\nsshd : ALL@14.251.*:ALLOW<br \/>\nsshd : <span style=\"color: #ff00ff;\"><strong>AAL@208.94.61.*:ALLOW<\/strong><\/span><\/p>\n<p>Should have been:<\/p>\n<p>sshd : ALL@16.89.97.*:ALLOW<br \/>\nsshd : ALL@14.251.*:ALLOW<br \/>\n<strong><span style=\"color: #00ff00;\">sshd : ALL@208.94.61.*:ALLOW<\/span><\/strong><\/p>\n<p><span style=\"color: #000000;\">That network was the firewall to the outside world.<\/span><\/p>\n<p>The end users were inconvenienced and the firewall team wasted a lot of time reviewing rues and looking at logs.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Real life story. &nbsp; DMZ based server dedicated to SFTP was configured with sshd rules in \/etc\/hosts.allow sshd : ALL@16.89.97.*:ALLOW sshd : ALL@14.251.*:ALLOW sshd : AAL@208.94.61.*:ALLOW Should have been: sshd : ALL@16.89.97.*:ALLOW sshd : ALL@14.251.*:ALLOW sshd : ALL@208.94.61.*:ALLOW That network was the firewall to the outside world. The end users were inconvenienced and the firewall [&hellip;]<\/p>\n<a role=\"link\" class=\"rtp-readmore\" title=\"Read more on Use TCP wrappers with care\" href=\"https:\/\/www.linuxauthority.com\/wordpress\/?p=75\" rel=\"nofollow\">Read More &rarr;<\/a>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-75","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/www.linuxauthority.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/75"}],"collection":[{"href":"https:\/\/www.linuxauthority.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.linuxauthority.com\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.linuxauthority.com\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.linuxauthority.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=75"}],"version-history":[{"count":0,"href":"https:\/\/www.linuxauthority.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/75\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.linuxauthority.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=75"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.linuxauthority.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=75"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.linuxauthority.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=75"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}