ARCHIVED: What is tcp_wrappers, and how do I use it?
UITS highly recommends tcp_wrappers
as a
security tool for all Indiana University Unix workstations
and servers. Many distributions include it by default; consult your
distribution's documentation. The University Information Security
Office (UISO) has instructions for downloading, installing, and
using tcp_wrappers
on its website.
The tcp_wrappers
utility is usually configured to wrap
around TCP-based services defined in inetd.conf
. When a
remote host accesses a "wrapped" service, the connection has to first
go through the logging and access control mechanisms enforced by
tcp_wrappers
before it is allowed to proceed.
If you must allow network access to your computer, you can use the
improved access logging facility provided by tcp_wrappers
even for services (such as rlogin
) that traditionally do
not have a very good logging mechanism. These logs are useful in
tracking unauthorized use.
You can use tcp_wrappers
for fine-grained control over
who can and cannot access your computer. You can enforce access
control differently for each wrapped service. For example, you can
limit telnet access to a specific domain (such as
indiana.edu
) but allow world access for FTP
(with improved logging).
At Indiana University, for personal or departmental Linux or Unix systems support, see Get help for Linux or Unix at IU.
Related documents
This is document adop in the Knowledge Base.
Last modified on 2018-01-18 10:31:37.