[KLUG Members] Question on TCP_wrappers, xinetd
Adam Tauno Williams
members@kalamazoolinux.org
Mon, 24 Feb 2003 07:59:06 -0500
>Is Tcp wrappers still in use?
Yes, and maintained.
>just wonderin if it's a good practice to use Tcp wrappers?
Sure, but often people choose to use ipchains/iptables. If you want REAL
secutiry use both, plus any application specific restrictions that might be
available.
>what context can we use it?
The obvious ones.
>How does xinetd compare?
xinted is linked to tcp wrapper library, or so thats what I believe. So its
allow = deny = lines are the same as specifying hosts.allow/hosts.deny entries.
And easier to maintain.
>Can I use either of them to aid in improving the security of a HTTP server?
Certainly.