Restrict access to a particular server.

Aaron Bliss abliss at brockport.edu
Tue Oct 21 16:19:43 UTC 2008


Rob,
Your right.  Apologies for the bad information (I didn't think of
standalones such as sshd or httpd).  It can be a standalone daemon and still
support tcp wrappers.  My point was, is that regardless of whether this
daemon or that daemon has or hasn't been compiled with libwrap, a good set
of iptables (speaking for RedHat boxes) makes that detail moot.

Aaron

-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]
On Behalf Of Marti, Rob
Sent: Tuesday, October 21, 2008 12:13 PM
To: 'General Red Hat Linux discussion list'
Subject: RE: Restrict access to a particular server.

It has to be compiled with libwrap, but that doesn't mean that xinetd
controls it.

Rob Marti

-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]
On Behalf Of Aaron Bliss
Sent: Tuesday, October 21, 2008 11:10 AM
To: 'General Red Hat Linux discussion list'
Subject: RE: Restrict access to a particular server.

Russ,
How could this not be true if the daemon isn't compiled with libwrap. One
example that comes to mind right off the top of my head is netbackup.  I'm
sure there are many others.

Aaron

-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]
On Behalf Of R P Herrold
Sent: Tuesday, October 21, 2008 11:51 AM
To: General Red Hat Linux discussion list
Subject: Restrict access to a particular server.

On Mon, 20 Oct 2008, Aaron Bliss wrote:

> Speaking of RedHat (and possibly other nix's), the trouble with tcp
> wrappers, is that only services governed by xineted have tcp wrappers
rules
> applied to them, whereas iptables rules apply to any daemon running on the
> box.

not true of course ---  and it is Red Hat

]$ ldd /usr/sbin/sshd | grep wrap
         libwrap.so.0 => /usr/lib64/libwrap.so.0

-- Russ herrold

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list




More information about the redhat-list mailing list