Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ======3.4.2 Ensure /etc/hosts.allow is configured (Scored)====== =====Profile Applicability===== <code> Level 1 - Server Level 1 - Workstation </code> =====Description===== The ''/etc/hosts.allow'' file specifies which IP addresses are permitted to connect to the host. It is intended to be used in conjunction with the ''/etc/hosts.deny'' file. =====Rationale===== The ''/etc/hosts.allow'' file supports access control by IP and helps ensure that only authorized systems can connect to the system. =====Audit===== Run the following command and verify the contents of the ''/etc/hosts.allow'' file: <Code:bash> # cat /etc/hosts.allow </Code> =====Remediation===== Run the following command to create ''/etc/hosts.allow'': <Code:bash> # echo "ALL: <net>/<mask>, <net>/<mask>, ..." >/etc/hosts.allow </Code> where each <net>/<mask> combination (for example, "192.168.1.0/255.255.255.0") represents one network block in use by your organization that requires access to this system. =====Notes===== Contents of the ''/etc/hosts.allow'' file will vary depending on your network configuration. centos7/3/4/2.txt Last modified: 2017/05/04 17:30by Piotr Kłoczewski