February 2020
Intermediate to advanced
666 pages
15h 45m
English
Content preview from Mastering Linux Security and Hardening - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Configuring whitelists with TCP Wrappers
It's a strange name, but a simple concept. TCP Wrappers – singular, not plural – listens to incoming network connections, and either allows or denies connection requests. Whitelists and blacklists are configured in the /etc/hosts.allow file and the /etc/hosts.deny file. Both of these files work together. If you create a whitelist in hosts.allow without adding anything to hosts.deny, nothing will be blocked. That's because TCP Wrappers consults hosts.allow first, and if it finds a whitelisted item there, it will just skip over looking in hosts.deny. If a connection request comes in for something that isn't whitelisted, TCP Wrappers will consult hosts.allow, find that there's nothing there for the source ...