Friday, August 19, 2011

TCP Wrapper Determine TCP Wrapper Support

TCP Wrapper is a host-based Networking ACL system, used to filter network access to our linux system. Remember libwrap is the actual library that implement TCP Wrapper. But How we will determine which daemons support TCP Wrapper, i mean which server application are compiled with libwrap? . Use the following command

root# egrep libwrap /usr/bin/* /usr/sbin/*
/usr/sbin/vsftpd
/usr/sbin/sshd
.....
While configuring TCP Wrapper you can use base name , i mean in my example vsftpd and sshd to set access right. For example you can set following in /etc/host.deny

sshd : ALL

To deny ssh access to all computers.