TCP wrappers

  • Configuring TCP wrappers (tcpd) using /etc/hosts.allow and /etc/hosts.deny can enhance security for daemons controlled by inetd or xinetd.

  • tcpd is often configured to deny access to all systems for all services (a blanket deny), and then specific systems are specified for legitimate access to services (limited allow).

  • tcpd logs using syslog, commonly to /var/log/secure.

Get LPI Linux Certification in a Nutshell, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.