Securing your network: An introduction to TCP wrappers
TCP wrappers are intended to provide wrapper daemons that can be installed without any changes to existing software. Most TCP/IP applications depend on the client/server model -- i.e., when a client requests a connection, a server process is started on the host. TCP wrappers work by interposing an additional layer, or wrapper, between client and server.
In the basic service, the wrapper simply logs the name of the client host and requested service, then hands this information over to the real daemon; it neither exchanges information with the client or server nor imposes overhead on the actual conversation between the two. Optional features may be enabled, including access control, client-user name lookups, and additional protection against hostname spoofing.
(The current version of the software, 7.6, can be obtained via FTP. See the Resources section below for the URL.)
Compilation
Many Unix flavors are supported by TCP wrappers, so you shouldn't have any trouble building from source. There are, however, a few decisions to make at compile time. Features, for example, can be turned on or off through definitions. Here is a list, with default values shown where appropriate:
STYLE = -DPROCESS_OPTIONS: |
Enable language extensions. This is disabled by default. |
FACILITY = LOG_MAIL: |
Where do log records go? I prefer to set this to LOG_DAEMON so that everything goes to /var/log/daemon. |
SEVERITY = LOG_INFO: |
Indicates what level to give to the log message. The default, LOG_INFO, is fine. |
HOSTS_ACCESS: |
When compiled with this option, wrapper programs support a simple form of access control.
Sign up for ITworld's Daily newsletter
Post a comment
peer-to-peer
Sidekick: The Good News & the Bad News Join the conversation here The Daily Tip
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card. Tags
Featured Sponsor
AISO founders envisioned a Web hosting company that was environmentally friendly. While the company employed energy-efficient innovations like solar panels, its infrastructure produced unacceptable power and cooling requirements. Find out how AISO leveraged AMD technology to overcome their challenge in this case study white paper.
In this whitepaper, Scalar explores the opportunity to change the landscape with respect to mission critical databases built around Oracle. Leveraging technologies such as Linux, high-end commodity processing power and Oracle RAC technology to architect, design, build and maintain database infrastructure that delivers maximum availability, reliability and performance at a fraction of traditional cost.
On a typical day, weather.com, the Web site for The Weather Channel in Atlanta, serves up between 15 million and 20 million page views. But in September 2004, when back-to-back hurricanes ransacked Florida, the peak traffic on one day more than tripled: over 70 million page views by more than 7 million unique visitors. Read the full success story now. Marketplace
Sponsored links
|




















