Securing your network: An introduction to TCP wrappers

TCP wrappers are intended to provide wrapper daemons that can be installed without any changes to existing software. Most TCP/IP applications depend on the client/server model -- i.e., when a client requests a connection, a server process is started on the host. TCP wrappers work by interposing an additional layer, or wrapper, between client and server.

In the basic service, the wrapper simply logs the name of the client host and requested service, then hands this information over to the real daemon; it neither exchanges information with the client or server nor imposes overhead on the actual conversation between the two. Optional features may be enabled, including access control, client-user name lookups, and additional protection against hostname spoofing.

(The current version of the software, 7.6, can be obtained via FTP. See the Resources section below for the URL.)

Compilation

Many Unix flavors are supported by TCP wrappers, so you shouldn't have any trouble building from source. There are, however, a few decisions to make at compile time. Features, for example, can be turned on or off through definitions. Here is a list, with default values shown where appropriate:

STYLE = -DPROCESS_OPTIONS:	Enable language extensions. This is disabled by default.
FACILITY = LOG_MAIL:	Where do log records go? I prefer to set this to LOG_DAEMON so that everything goes to /var/log/daemon.
SEVERITY = LOG_INFO:	Indicates what level to give to the log message. The default, LOG_INFO, is fine.
HOSTS_ACCESS:	When compiled with this option, wrapper programs support a simple form of access control. Sign up for ITworld's Daily newsletter Follow ITworld on Twitter @IT_world 12345next » I like it! Email Print Share Slashdot Digg Stumble Reddit Newsvine Post a comment Your name: * E-mail: * The content of this field is kept private and will not be shown publicly. Subject: Comment: * Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> Lines and paragraphs break automatically. Incorrect please try again Try another Vision impaired Word challenge Help * Type both words below, separated by a space Security Check provided by reCAPTCHA. © 2008 Carnegie Mellon University, All rights reserved. peer-to-peer jfruh Apple syncing patent can't come soon enough pasmith New Twitter features borrow from 3rd party clients Esther Schindler Open Source Changes the Software Acquisition Process mikelgan How to set up continuous podcast play on the new iTunes David Strom Five important Windows 7 mobility features sjvn Guard your Wi-Fi for your own sake                         Sandra Henry-Stocker Grepping on Whole Words   Sidekick: The Good News & the Bad News Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data. - mburton325 Join the conversation here The Daily Tip Quick, practical advice for IT pros. Made fresh daily. Hot tips: How to extract your LinkedIn, Facebook contacts Tomcat performance tuning tips More... Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card. Newsletters Subscribe to ITWORLD TODAY and receive the latest IT news and analysis. *E-mail address: *Verify E-mail: *Job Title: --select--IT Management: CIO, CTO, CSOIT Management: Executive VP, Senior VPIT Management: VPIT Management: DirectorIT Management: ManagerIT Management: SupervisorIT Management: Systems IntegratorIT Management: Technical ConsultantBusiness Management: CEO, COO, Chairman, PresidentBusiness Management:CFO, Controller, TreasurerBusiness Management: Executive VP, Senior VP, VP, GMBusiness Management: Director, ManagerBusiness Management: Other Corporate, Business ManagerBusiness Management: Consultant (Non-Technical)Other: IT StaffOther: Non-Manager *Industry: --select--Non-Tech: Advertising/Marketing/PR/Media (Publishing, Broadcast, Online)Non-Tech: Aerospace/Defense ContractorNon-Tech: Agriculture/Forestry/FisheriesNon-Tech: Business Services/ConsultantNon-Tech: Construction/Architecture/EngineeringNon-Tech: EducationNon-Tech: Finance/Banking/AccountingNon-Tech: Government - Federal (including Military)Non-Tech: Government - State/LocalNon-Tech: Healthcare/Medical/Pharmaceutical/Bio-TechNon-Tech: Insurance/Real Estate/LegalNon-Tech: Manufacturing & Process IndustriesNon-Tech: Mining/Oil/GasNon-Tech: Retailer/Wholesaler/Distributor (non-computer)Non-Tech: Transportation/Utilities (Energy, Water, etc.)Non-Tech: Travel/Hospitality/Entertainment/RecreationNon-Tech: OtherTech: Communication Carriers (ISP, Telecomm, Data Comm, Cable)Tech: Computer/Network ConsultantTech: E-Commerce/InternetTech: Retailer/Distributor/Wholesaler (computer-related)Tech: Manufacturing - Hardware/SoftwareTech: Service Provider (MSP, BSP, ASP, ESP, Web Hosting)Tech: VAR/VAD/OEMTech: OtherNon-Tech: Venture Capital/Private Equity/M&ANon-Tech: Venture Service Provider (Inv. Banker/Legal/Accounting/Etc.) *Company Size: --select--20,000 OR MORE10,000 - 19,9995,000 - 9,9991,000 - 4,999500 - 999100 - 49950 - 99LESS THAN 50 *Country --select--United StatesAfghanistanAlbaniaAlgeriaAndorraAngolaAnguillaAntigua and BarbudaArgentinaArmeniaArubaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBoliviaBosnia and HerzegovinaBotswanaBR Virgin IslandsBrazilBritish West IndiesBrunei DarussalamBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCape VerdeCayman IslandsCentral African RepublicChadChileChinaColombiaComorosCongoCongo (Democratic Republic of the)CroatiaCubaCyprusCzech RepublicDenmarkDjiboutiDominicaDominican RepublicEast TimorEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFijiFalkland IslandsFinlandFranceFrench GuineaGabonGambiaGeorgiaGermanyGhanaGibraltarGreeceGreenlandGrenadaGuadeloupeGuatemalaGuineaGuinea-BissauGuyanaHaitiHondurasHungaryIcelandIndiaIndonesiaIran (Islamic Republic of)IraqIrelandIsraelItalyJamaicaJapanJordanKazakhstanKenyaKiribatiKorea (Republic Of)KuwaitKyrgyzstanDemocratic Republic LaoLatviaLebanonLesothoLiberiaLibyan Arab JamahiriyaLiechtensteinLithuaniaLuxembourgMacauMacedoniaMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMartiniqueMauritaniaMauritiusMexicoMicronesia (Federated States of)Moldova (Republic of)MonacoMongoliaMontserratMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNetherlands AntillesNew ZealandNicaraguaNigerNigeriaNorwayOmanPakistanPalauPanamaPapua New GuineaParaguayPeruPhilippinesPolandPortugalPuerto RicoQatarRomaniaRussian FederationRwandaST KittsST LuciaST VincentSamoaSan MarinoSao Tome And PrincipeSaudi ArabiaSenegalSeychellesSierra LeoneSingaporeSlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSpainLanka Sri LankaSudanSurinamSwazilandSwedenSwitzerlandSyrian Arab RepublicTaiwan (Province of China)TajikistanTanzania (United Republic of)ThailandTogoTokelauTongaTrinidad And TobagoTunisiaTurkeyTurkmenistanTuvaluUgandaUkraineUnited Arab EmiratesUnited KingdomUruguayUS Virgin IslandsUzbekistanVanuatuVaticanVenezuelaViet NamWestern SaharaYemenYugoslaviaZambiaZimbabwe * State: --select--ALABAMAALASKAARIZONAARKANSASCALIFORNIACOLORADOCONNECTICUTDELAWAREDISTRICT OF COLUMBIAFLORIDAGEORGIAHAWAIIIDAHOILLINOISINDIANAIOWAKANSASKENTUCKYLOUISIANAMAINEMARYLANDMASSACHUSETTSMICHIGANMINNESOTAMISSISSIPPIMISSOURIMONTANANEBRASKANEVADANEW HAMPSHIRENEW JERSEYNEW MEXICONEW YORKNORTH CAROLINANORTH DAKOTAOHIOOKLAHOMAOREGONPENNSYLVANIARHODE ISLANDSOUTH CAROLINASOUTH DAKOTATENNESSEETEXASUTAHVERMONTVIRGINIAWASHINGTONWEST VIRGINIAWISCONSINWYOMING I would like to receive offers via email from ITworld partners. By clicking submit you agree to the terms and conditions outlined in ITworld's privacy policy. view all newsletters » Tags Apple applications BI cloud computing Facebook iPhone Microsoft networking slideshow The Daily Tip Ubuntu Windows 7 webcasts & white papers Doing More with Less – Automating IT Services in Your Midsize Business Architecting Business Intelligence Applications for Change: The Open Solution Preventing Data Breaches in Privileged Accounts Using Access Control Security convergence equals network security cost savings PCI DSS Compliance in the UNIX/Linux Datacenter Environment Top to Bottom Performance Management Excellence at the City of Chicago From Trust to Process: Closing the Risk Gap in Privileged Access Control Strategies for Driving Down IT Support Costs with Lite ITIL Practices Privileged Access Lifecycle Management: How PALM Enables Security, Compliance, and Efficiency for Enterprise IT Horror stories: Managing IT Across Multiple Locations view all webcasts»   view all white papers» RESOURCE ALERTS Get instant email notifications when Software Development white papers, webcasts and case studies are added to our library. Sign up » featured download Ease integration of Unix, Linux and Windows-based computers Surviving Windows is easier than you think… MKS offers the power of an integrated all-in-one environment and provides you with the Power of UNIX on Windows Learn More Brought to you by: Free books We have 5 copies of these two new books to give to some lucky readers. The deadline for entries is November 30, 2009. iPhone for Programmers: An App-Driven Approach Everything you need to start developing great iPhone apps. Enter now! The Google Way Discover how Google's culture of innovation is reinventing business. Enter now! IT Jobs Seven Windows 7 keyboard shortcuts How to extract your LinkedIn, Facebook contacts An important Linux fix Unix Tip: Grepping on whole words iPhone Hints: Lock picture orientation in Photos Priceless! The 25 Funniest Vintage Tech Ads My oh my, how things have changed. These 25 vintage tech ads are guaranteed to take you back -- and, in most cases, remind you how truly terrible our tastes once were. Click ahead, and enjoy the shame-free trip down memory lane. Featured Sponsor Case Study: AISO grows its "green" business AISO founders envisioned a Web hosting company that was environmentally friendly. While the company employed energy-efficient innovations like solar panels, its infrastructure produced unacceptable power and cooling requirements. Find out how AISO leveraged AMD technology to overcome their challenge in this case study white paper. Download this white paper » Myth of the Million Dollar Database In this whitepaper, Scalar explores the opportunity to change the landscape with respect to mission critical databases built around Oracle. Leveraging technologies such as Linux, high-end commodity processing power and Oracle RAC technology to architect, design, build and maintain database infrastructure that delivers maximum availability, reliability and performance at a fraction of traditional cost. Download this white paper » Success Story: Weather.com handles whatever nature serves up On a typical day, weather.com, the Web site for The Weather Channel in Atlanta, serves up between 15 million and 20 million page views. But in September 2004, when back-to-back hurricanes ransacked Florida, the peak traffic on one day more than tripled: over 70 million page views by more than 7 million unique visitors. Read the full success story now. Download this white paper » Marketplace Sponsored links See how AT&T can help protect your network. Unified Communications: Thoughts, Strategies and Predictions. Join the discussion. Slow PC? Automatically update your drivers with DriverAgent Engineer's Toolset v10: A collection of Tools for Fast Fixes to Network Issues ITwhitepapers.com - Access thousands of whitepapers on 300+ technical topics. Free Exchange webinar from Microsoft and Double-Take Software Top 5 Reasons Application Performance and Network Security Go Together About Us :: Advertise :: Contacts :: Privacy Policy :: Sitemap :: Submission Guidelines :: Submit an Article :: Terms of Service :: © 1994 - 2009 ITworld. All rights reserved. The IDG Network CIO :: Computerworld :: CSO :: DEMO :: GamePro :: Games.net :: IDC :: IDG :: IDG Connect :: IDG Knowledge Hub :: IDG Tech Network :: IDG Ventures IDG.net :: Infoworld :: ITwhitepapers :: ITworld :: JavaWorld :: LinuxWorld :: MacUser :: Macworld :: Network World :: PC World :: The Industry Standard