======3.4.2 Ensure /etc/hosts.allow is configured (Scored)======
=====Profile Applicability=====  
<code>
Level 1 - Server
Level 1 - Workstation 
</code>

=====Description=====
The ''/etc/hosts.allow'' file specifies which IP addresses are permitted to connect to the host. It is intended to be used in conjunction with the ''/etc/hosts.deny'' file.

=====Rationale=====
The ''/etc/hosts.allow'' file supports access control by IP and helps ensure that only authorized systems can connect to the system.

=====Audit===== 
Run the following command and verify the contents of the ''/etc/hosts.allow'' file:
<Code:bash>
# cat /etc/hosts.allow
</Code>

=====Remediation===== 
Run the following command to create ''/etc/hosts.allow'':
<Code:bash>
# echo "ALL: <net>/<mask>, <net>/<mask>, ..." >/etc/hosts.allow
</Code>
where each <net>/<mask> combination (for example, "192.168.1.0/255.255.255.0") represents one network block in use by your organization that requires access to this system.

=====Notes=====
Contents of the ''/etc/hosts.allow'' file will vary depending on your network configuration.