On Fri, 9 Jun 2000, Gary Taylor wrote:

> leafnode: ALL EXCEPT LOCAL 
> into /etc/hosts.deny. I did that and my /etc/hosts.allow is empty. That entry
> was what caused my problem.  As soon as I took out the above entry I was
> working.  As I understand this the only host that would be able to use leafnode is localhost.
> As in deny leafnode: for ALL EXCEPT LOCAL.  

I learned the hard way. But I was lucky...

I forgot/neglected to add anything to HOSTS.DENY - within days I was the
target of a spammer, my system happily accepting 2300 news messages posted to
a huge number of newsgroups, all advertising porn.

However, like I said, I was lucky...I had been having problems with my system
and to try to isolate the problem I had taken to running fetchnews
manually. Hence I found 2.8Megs of news awaiting delivery before the damage
was done. Since that day the spammer has tried to connect to my news server
every minute (for the last 3 weeks).

My solution is below (beware the word wrap). I have one IP ( and
a masqueraded home LAN using 10.0.2.* addresses.

# ----------------------------
# Block all access to NNTP from the outside world!
ipchains -A input  -i ppp0 -p tcp -d 119 -j DENY
ipchains -A output -i ppp0 -p tcp -s -d 119 -j ACCEPT
ipchains -A output -i eth0 -p tcp -s -d 119 -j ACCEPT
# ----------------------------

Now instead of my system having to reply to each attempt with a "connection
denied" message, the incoming packets just get dropped cold. And my machines
can still access Leafnode just fine.

Perhaps something like the above could be added to the docs as another way of
adding security?
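
Added example, not part of the original message or of leafnode's documentation: a simplified Python model of the hosts_access(5) lookup order, showing how the quoted "leafnode: ALL EXCEPT LOCAL" entry and an empty hosts.deny treat different clients. The client tuples, the 203.0.113.9 address and the ALLOW_LAN rule for the 10.0.2.* LAN are constructed assumptions.

```python
# Added example: simplified model of hosts_access(5) for one daemon name.
# Handles ALL, LOCAL, address prefixes, domain suffixes, exact names, EXCEPT.
def token_matches(tok, name, addr):
    if tok == "ALL":
        return True
    if tok == "LOCAL":                  # host name is known and has no dot
        return name is not None and "." not in name
    if tok.endswith("."):               # address prefix, e.g. "10.0.2."
        return addr.startswith(tok)
    if tok.startswith("."):             # domain suffix, e.g. ".example.org"
        return name is not None and name.endswith(tok)
    return tok == addr or tok == name

def list_matches(pattern, name, addr):
    """'list_1 EXCEPT list_2' matches list_1 unless list_2 also matches."""
    left, _, right = pattern.partition(" EXCEPT ")
    hit = any(token_matches(t, name, addr) for t in left.replace(",", " ").split())
    if hit and right:
        hit = not list_matches(right, name, addr)
    return hit

def rule_hits(rules, daemon, name, addr):
    for line in rules.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        daemons, clients = [part.strip() for part in line.split(":")[:2]]
        if daemons in ("ALL", daemon) and list_matches(clients, name, addr):
            return True
    return False

def allowed(allow, deny, daemon, name, addr):
    """hosts.allow wins, then hosts.deny; no match in either grants access."""
    if rule_hits(allow, daemon, name, addr):
        return True
    return not rule_hits(deny, daemon, name, addr)

# Constructed clients: (resolved name or None, address).
LOOPBACK = ("localhost", "127.0.0.1")
LAN_BOX = (None, "10.0.2.7")                 # LAN host without a resolvable name
OUTSIDE = ("news.example.org", "203.0.113.9")
DENY = "leafnode: ALL EXCEPT LOCAL"          # the hosts.deny entry quoted above
ALLOW_LAN = "leafnode: 10.0.2."              # assumed hosts.allow entry for the LAN

if __name__ == "__main__":
    for who in (LOOPBACK, LAN_BOX, OUTSIDE):
        print(who, [allowed(a, d, "leafnode", *who)
                    for a, d in (("", ""), ("", DENY), (ALLOW_LAN, DENY))])
```

The three columns printed per client are: both files empty, hosts.deny only, and hosts.deny plus the assumed LAN entry in hosts.allow.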


