LinuxQuestions.org
06-04-2006, 04:10 PM   #1
Yalla-One
Which of hosts.deny or iptables -DROP is most efficient?


Out of curiosity, which of the following causes the least load on a system?

A) - dropping offending hosts with iptables and -DROP
B) - dropping with entries in hosts.deny?

I would initially think dropping with iptables would cause less stress as it drops the packets at a lower, earlier level, but would like some insight from someone with more inside knowledge than I do..

Thanks!

-Y1
 
06-04-2006, 05:31 PM   #2
gilead
I'd have thought you were right that using iptables created less load.

Refusal of a connection by iptables is done when the first SYN packet is received at the firewall and no further packets related to that connection attempt are processed. Using hosts.allow and hosts.deny files requires that the connection is made and the files need to be parsed to see if the IP address is allowed to connect.

However, I've never checked to see just how efficient iptables is at dropping packets compared to allowing the packets and having tcp wrappers do the work. In other words I'm guessing too - sorry about that
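
Added example, not written by either poster: the two options compared in this thread express the same block list at different layers, hosts.deny after the connection has been accepted and iptables before it is established. The shell functions below read hosts.deny-style entries and print the corresponding `iptables` DROP rules without applying them. The function names are hypothetical, the addresses are constructed samples, and the code assumes IPv4 only and handles only `ALL:` daemon lists.

```shell
#!/bin/sh
# Added example: print iptables DROP rules equivalent to simple hosts.deny
# entries. Nothing is applied; the commands are only written to stdout.

# Convert one hosts.deny client pattern to an iptables -s argument.
# Returns 1 for patterns a packet filter cannot express (hostnames, ALL, ...).
client_to_source() {
    case "$1" in
        *[!0-9./]*|''|.*|/*|*..*) return 1 ;;  # names, wildcards, IPv6, junk
        */*)       printf '%s\n' "$1" ;;         # net/mask form passes through
        *.*.*.*.*) return 1 ;;                   # more than four octets
        *.*.*.)    printf '%s0/24\n' "$1" ;;     # "198.51.100." prefix
        *.*.)      printf '%s0.0/16\n' "$1" ;;
        *.)        printf '%s0.0.0/8\n' "$1" ;;
        *.*.*.*)   printf '%s\n' "$1" ;;         # single address
        *)         return 1 ;;
    esac
}

# Read hosts.deny text on stdin, write one iptables command per usable client.
# Only "ALL:" daemon lists are handled (assumption: mapping daemon names to
# ports is site-specific, so per-daemon lines are skipped).
hosts_deny_to_iptables() (
    set -f                                       # client patterns may contain * or ?
    while IFS= read -r line; do
        line=${line%%#*}                         # drop comments
        case "$line" in *:*) ;; *) continue ;; esac
        daemons=$(printf '%s' "${line%%:*}" | tr -d ' \t')
        [ "$daemons" = "ALL" ] || continue
        rest=${line#*:}
        clients=${rest%%:*}                      # ignore optional third field
        for c in $(printf '%s' "$clients" | tr ',' ' '); do
            src=$(client_to_source "$c") || continue
            printf 'iptables -A INPUT -p tcp -s %s -j DROP\n' "$src"
        done
    done
)

# Constructed sample input (documentation address ranges).
hosts_deny_to_iptables <<'EOF'
# constructed hosts.deny
ALL: 192.0.2.15, 198.51.100.
sshd: 203.0.113.7
ALL: .example.net
ALL: 203.0.113.0/255.255.255.0
EOF
```

The printed rules are broader than the hosts.deny entries they come from: they apply to every TCP port, while TCP wrappers only affect services that consult hosts.deny. Hostname-based entries have no direct packet-filter equivalent and are skipped.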