| Red Hat Docs > Manuals > Red Hat High Availability Server Manuals > |
|
After installing Red Hat High Availability Server 1.0, you will need to consider the security-related aspects of deploying a highly-available server environment. As a first step in this process, the installation program makes the following changes to the network environment over that used in a standard Red Hat Linux 6.2 installation.
The tcp_wrappers utility is used to control access to many network services. Therefore, the default /etc/hosts.deny is set to ALL: ALL (meaning that all remote hosts are denied access to all services). In addition, /etc/hosts.allow contains no active entries, meaning that any service run out of inetd would fail to start and a message to that effect is recorded in the system message logs. You should edit /etc/hosts.allow to include only trusted systems that should be allowed access.
The following man pages are part of tcp_wrappers:
hosts.allow
hosts.deny.5.gz
hosts_access (Section 3)
hosts_access (Section 5)
hosts_options
tcpd
tcpdchk
tcpdmatch