The approach I used was simple enough. In the hosts.deny file I put an entry of
ALL:ALL
which shuts out the world. Then in the hosts allow file I have entries for the hosts I want to connect.
As I understand it, the deny file is processed, and overridden by the hosts.allow file. It is much easier to keep track of who should get in rather than who shluld not.
Hope this helps.
|