I read some articles about tcp wrapper. why we actually need that if we already have packet filtering firewall installed?
so what actually the main purpose of tcp wrapper?
and how about xinet.d? aren't they doing the same thing?
thanks for any guide
TCP wrappers lets you add another layer of security, after your firewall.. it provides further access control and logging. When someone tries to connect to a 'wrapped' service, it will access /etc/hosts.allow and /etc/hosts.deny to determine whether to allow the connection or not.
xinetd is a replacement for inetdacts as a 'super server' controlling connections to all services it manages. It can save system resources and provide logging facilities. It can also allow connections based on the time, as well as limit the number of connections or the load.
xinetd itself is a service wrapped by tcp wrappers. In other words xinetd makes use of tcp wrappers