7.4.4 Create /etc/hosts.deny

Information

The /etc/hosts.deny file specifies which IP addresses are not permitted to connect to the
host. It is intended to be used in conjunction with the /etc/hosts.allow file.

*Rationale*

The /etc/hosts.deny file serves as a failsafe so that any host not specified in
/etc/hosts.allow is denied access to the server.

Solution

Create /etc/hosts.deny-# echo 'ALL- ALL' >> /etc/hosts.deny

See Also

https://workbench.cisecurity.org/files/91

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7(5)

Plugin: Unix

Control ID: 26b4388aa3f9ab198ca40be575223ea3d864ed6d932d7532997012a109e0e7ee