268 lines
4.4 KiB
HTML
268 lines
4.4 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>The /etc/host.conf file</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
|
|
REL="HOME"
|
|
TITLE="Securing and Optimizing Linux"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Files -Networking Functionality"
|
|
HREF="file-netfunc.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="The /etc/resolv.conf file"
|
|
HREF="chap9sec91.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="The /etc/sysconfig/network file"
|
|
HREF="chap9sec93.html"></HEAD
|
|
><BODY
|
|
CLASS="section"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Securing and Optimizing Linux: RedHat Edition -A Hands on Guide</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="chap9sec91.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 9. Files -Networking Functionality</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="chap9sec93.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="section"
|
|
><H1
|
|
CLASS="section"
|
|
><A
|
|
NAME="AEN6059"
|
|
>9.4. The <TT
|
|
CLASS="filename"
|
|
>/etc/host.conf</TT
|
|
> file</A
|
|
></H1
|
|
><P
|
|
> This file specifies how names are resolved. Linux uses a resolver library to obtain the <SPAN
|
|
CLASS="acronym"
|
|
>IP</SPAN
|
|
> address corresponding to a host name.
|
|
Following is a sample <TT
|
|
CLASS="filename"
|
|
>/etc/host.conf</TT
|
|
> file:
|
|
</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="programlisting"
|
|
> # Lookup names via DNS first then fall back to /etc/hosts.
|
|
order bind,hosts <A
|
|
NAME="hs.cnf.co1"
|
|
><IMG
|
|
SRC="../images/callouts/1.gif"
|
|
HSPACE="0"
|
|
VSPACE="0"
|
|
BORDER="0"
|
|
ALT="(1)"></A
|
|
>
|
|
# We have machines with multiple addresses.
|
|
multi on <A
|
|
NAME="hs.cnf.co2"
|
|
><IMG
|
|
SRC="../images/callouts/2.gif"
|
|
HSPACE="0"
|
|
VSPACE="0"
|
|
BORDER="0"
|
|
ALT="(2)"></A
|
|
>
|
|
# Check for <SPAN
|
|
CLASS="acronym"
|
|
>IP</SPAN
|
|
> address spoofing.
|
|
nospoof on <A
|
|
NAME="hs.cnf.co3"
|
|
><IMG
|
|
SRC="../images/callouts/3.gif"
|
|
HSPACE="0"
|
|
VSPACE="0"
|
|
BORDER="0"
|
|
ALT="(3)"></A
|
|
>
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><DIV
|
|
CLASS="calloutlist"
|
|
><DL
|
|
COMPACT="COMPACT"
|
|
><DT
|
|
><A
|
|
HREF="chap9sec92.html#hs.cnf.co1"
|
|
><IMG
|
|
SRC="../images/callouts/1.gif"
|
|
HSPACE="0"
|
|
VSPACE="0"
|
|
BORDER="0"
|
|
ALT="(1)"></A
|
|
></DT
|
|
><DD
|
|
> The order option indicates the order of services. The sample entry specifies that the resolver library should first consult the name server (DNS) to resolve a name and then check the <TT
|
|
CLASS="filename"
|
|
>/etc/hosts</TT
|
|
> file.
|
|
</DD
|
|
><DT
|
|
><A
|
|
HREF="chap9sec92.html#hs.cnf.co2"
|
|
><IMG
|
|
SRC="../images/callouts/2.gif"
|
|
HSPACE="0"
|
|
VSPACE="0"
|
|
BORDER="0"
|
|
ALT="(2)"></A
|
|
></DT
|
|
><DD
|
|
> The multi option determines whether a host in the <TT
|
|
CLASS="filename"
|
|
>/etc/hosts</TT
|
|
> file can have multiple <SPAN
|
|
CLASS="acronym"
|
|
>IP</SPAN
|
|
> addresses multiple interface <TT
|
|
CLASS="literal"
|
|
>ethN.</TT
|
|
> Hosts that have more than one <SPAN
|
|
CLASS="acronym"
|
|
>IP</SPAN
|
|
> address are said to be multiomed, because the presence of multiple <SPAN
|
|
CLASS="acronym"
|
|
><SPAN
|
|
CLASS="acronym"
|
|
>IP</SPAN
|
|
></SPAN
|
|
> addresses implies that host has several network interfaces.
|
|
</DD
|
|
><DT
|
|
><A
|
|
HREF="chap9sec92.html#hs.cnf.co3"
|
|
><IMG
|
|
SRC="../images/callouts/3.gif"
|
|
HSPACE="0"
|
|
VSPACE="0"
|
|
BORDER="0"
|
|
ALT="(3)"></A
|
|
></DT
|
|
><DD
|
|
> The nospoof option indicates to take care of not permitting spoofing on this machine. <SPAN
|
|
CLASS="acronym"
|
|
>IP</SPAN
|
|
>-Spoofing is a security exploit that works by tricking computers in a trust relationship that you are someone that you really aren't.
|
|
</DD
|
|
></DL
|
|
></DIV
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="chap9sec91.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="chap9sec93.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>The <TT
|
|
CLASS="filename"
|
|
>/etc/resolv.conf</TT
|
|
> file</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="file-netfunc.html"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>The <TT
|
|
CLASS="filename"
|
|
>/etc/sysconfig/network</TT
|
|
> file</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |