Can /etc/hosts.deny/allow be overridden?

Posted by Tar on Server Fault See other posts from Server Fault or by Tar
Published on 2012-06-23T02:50:43Z Indexed on 2012/06/23 3:17 UTC
Read the original article Hit count: 512

Filed under:
|
|
|

I have security measures put in place to keep unwanted users out of my server. I've changed the SSH port, disabled root login, have a software firewall to block portscans, and have entries in hosts.deny and hosts.allow.

I have various services denied to all but another server of mine should my IP change, and two other administrators + my own IP address.

My question is, can hosts.deny/allow configuration be overridden so that they can gain access to my server? Does using chroot jail for running things like an IRC server and Teamspeak server prevent people from gaining access to my server and screwing with it?

© Server Fault or respective owner

Related posts about security

Related posts about hosts