overkill? lets see.<br><br>iptables..<br><br>better performance..<br><br>better logging<br><br>implement at kernel , not in a libwrap.a<br><br>can control ICMP traffic, and other weirdo packets.<br><br>http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/tcpwrappers.html<br><br>quote.<br>''The added functionality of <acronym class="ACRONYM">TCP</acronym> Wrappers should not be considered a replacement for a good firewall. <acronym class="ACRONYM">TCP</acronym> Wrappers can be used in conjunction with a firewall or other security enhancements though and it can serve nicely as an extra layer of protection for the system.'<br><br>if you want to argue with the freebsd guys, be my guest.<br><br>;-)<br><br><br><br><br><br><br><b><i>Andrew Clayton <andrew@digital-domain.net></i></b> wrote:<blockquote class="replbq" style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"> On Sat, 13 Oct 2007 00:48:00 +0100 (BST), Lee Hughes
wrote:<br><br>> hmm, lsattr huh! looks like it's doing ioctl's?!!<br>> <br>> what wrong with ls -l these days?<br><br>They show different things.<br><br>> you know r-x-rwx--x sort of format?<br>> <br>> by the looks of your post your in /proc when<br>> your running it? that's a bad idea.<br>> <br>> host.deny.. tcp wrapper, it's so old, I don't think<br>> it's even supported anymore..<br><br>On the contrary it's still very much in use.<br><br>> use iptables, it's for real men/women/aliens.<br><br>iptables is generally overkill for an end point machine. Remember this<br>not windows!<br><br>> Laters,<br>> Lee<br><br>Andrew<br><br>_______________________________________________<br>dundee GNU/Linux Users Group mailing list<br>dundee@lists.lug.org.uk http://dundee.lug.org.uk<br>https://mailman.lug.org.uk/mailman/listinfo/dundee<br>Chat on IRC, #tlug on dundee.lug.org.uk<br></blockquote><br><p> 
<hr size=1>
For ideas on reducing your carbon footprint visit <a href="http://uk.promotions.yahoo.com/forgood/environment.html">Yahoo! For Good</a> this month.