======3.4.5 Ensure permissions on /etc/hosts.deny are 644 (Scored)======
=====Profile Applicability=====  
<code>
Level 1 - Server
Level 1 - Workstation 
</code>

=====Description=====
The ''/etc/hosts.deny'' file contains network information that is used by many system applications and therefore must be readable for these applications to operate.

=====Rationale=====
It is critical to ensure that the ''/etc/hosts.deny'' file is protected from unauthorized write access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.

=====Audit===== 
Run the following command and verify Uid and Gid are both 0/root and Access is 644:
<Code:bash>
# stat /etc/hosts.deny
Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
</Code>

=====Remediation===== 
Run the following commands to set permissions on ''/etc/hosts.deny'':
<Code:bash>
# chown root:root /etc/hosts.deny
# chmod 644 /etc/hosts.deny
</Code>