TCP Wrapper

By | December 20, 2009


TCP Wrappers add an additional layer of protection to a Linux system. They can be used to grant or deny access to various network services on your machine from the outside network or from other machines on the same network. This is done with simple access-list rules kept in two files, /etc/hosts.allow and /etc/hosts.deny.
Remember that hosts.allow takes precedence over hosts.deny. For example, if host A is allowed SSH access to your system in hosts.allow, then an entry in hosts.deny does not affect it in any way. Also remember that by default all access is allowed if matching entries are missing from both hosts.allow and hosts.deny.
Example of using TCP Wrapper
 
Suppose you want to allow SSH access to hosts in a particular domain, say abc.com, and deny access to all others. Edit the hosts.allow and hosts.deny files as follows:
/etc/hosts.allow
    sshd : .abc.com
/etc/hosts.deny
    sshd : ALL
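
The lookup order described above (hosts.allow first, then hosts.deny, allow when nothing matches) can be checked with a small model. This is an added example, not code from the original post or from the TCP Wrappers project. The function names are hypothetical, the client hostnames are constructed, and the client name is assumed to be already resolved. Beyond the rules shown on the page it also handles the EXCEPT operator.

```python
# Simplified model of the hosts_access(5) lookup order (constructed example).
# Supported client patterns: ALL, leading-dot domain suffix, exact name, EXCEPT.

def token_match(tok, host):
    """Match one pattern against a daemon name or resolved client hostname."""
    tok, host = tok.lower(), host.lower()
    if tok == "all":
        return True
    if tok.startswith("."):
        # Suffix match: "gw.abc.com" matches ".abc.com"; "evilabc.com" does not.
        return len(host) > len(tok) and host.endswith(tok)
    return tok == host

def list_match(tokens, host):
    """Match a pattern list, honouring the EXCEPT operator."""
    upper = [t.upper() for t in tokens]
    if "EXCEPT" in upper:
        i = upper.index("EXCEPT")
        return list_match(tokens[:i], host) and not list_match(tokens[i + 1:], host)
    return any(token_match(t, host) for t in tokens)

def table_match(rules, daemon, host):
    """True if any 'daemons : clients' line matches this daemon and host."""
    for line in rules.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        daemons, clients = (part.strip() for part in line.split(":", 2)[:2])
        if list_match(daemons.replace(",", " ").split(), daemon) and \
           list_match(clients.replace(",", " ").split(), host):
            return True
    return False

def access(allow, deny, daemon, host):
    """hosts.allow is checked first, then hosts.deny; no match means allowed."""
    if table_match(allow, daemon, host):
        return "allow"
    if table_match(deny, daemon, host):
        return "deny"
    return "allow"

# Contents of the two files from the example above.
HOSTS_ALLOW = "sshd : .abc.com"
HOSTS_DENY = "sshd : ALL"

if __name__ == "__main__":
    for client in ("gw.abc.com", "evilabc.com", "host.example.net"):
        print(client, "->", access(HOSTS_ALLOW, HOSTS_DENY, "sshd", client))
```

A service that appears in neither file, for example `access(HOSTS_ALLOW, HOSTS_DENY, "vsftpd", "host.example.net")`, comes back as allowed, which is the default-allow behaviour to keep in mind when relying on these two files.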

I will also discuss some complex examples of using tcp wrapper in coming days.


2 thoughts on “TCP Wrapper”

  1. Mukesh

    It's another way to allow or block, if I am right?
    vi /etc/hosts.deny
    sshd : All EXCEPT .abc.com
