3.4.5 Ensure permissions on /etc/hosts.deny are 644 (Scored)

Level 1 - Server
Level 1 - Workstation 

The /etc/hosts.deny file contains network information that is used by many system applications and therefore must be readable for these applications to operate.

It is critical to ensure that the /etc/hosts.deny file is protected from unauthorized write access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.

Run the following command and verify Uid and Gid are both 0/root and Access is 644:

# stat /etc/hosts.deny
Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)

Run the following commands to set permissions on /etc/hosts.deny:

# chown root:root /etc/hosts.deny
# chmod 644 /etc/hosts.deny
  • ubuntu1604/3/4/5.txt
  • Last modified: 2017/05/02 13:46
  • by Piotr K┼éoczewski