Welcome to Firewall.cx   Cisco Technical Knowledgebase
Modules
· Home
· Alternative Menu
· Amazon
· Cisco Decrypter
· Cisco Lab Partners
· Feedback
· Forums
· Max Arcade
· Private Messages
· Recommend Us
· Statistics
· Stories Archive
· Submit News
· Surveys
· Topics
· Web Links
· Your Account
 
Cisco Knowledgebase Articles
 
Site Info
Your IP: 38.107.191.113

Welcome, Anonymous
Nickname
Password

· Register
· Lost Password
Server Date/Time
3 September 2010 08:46:57 EEST (GMT +3)
 
Top Downloads
 
Gold Lab Partners


 
Firewall.cx: Forums

Firewall.cx :: View topic - tcp wrapper
Forums Home
Forum FAQ :: Search :: Memberlist :: Usergroups
Profile :: Log in to check your private messages :: Log in

tcp wrapper
 View next topic
View previous topic
Post new topic   Reply to topic  Firewall.cx Forum Index » Firewall Filtering, IDS/IPS & Security
Author Message
ice_hero
New Member
New Member


Joined: Sep 20, 2003
Posts: 9
PostPosted: Thu Oct 09, 2003 3:33 am    Post subject: tcp wrapper Reply with quote
I read some articles about tcp wrapper. why we actually need that if we already have packet filtering firewall installed?
so what actually the main purpose of tcp wrapper?
and how about xinet.d? aren't they doing the same thing?
thanks for any guide Very Happy
Back to top
View user's profile Send private message
sahirh
Associate Editor & Security Advisor


Joined: Aug 14, 2003
Posts: 1699
Location: Mumbai, India.
PostPosted: Thu Oct 09, 2003 6:50 am    Post subject: Reply with quote
TCP wrappers lets you add another layer of security, after your firewall.. it provides further access control and logging. When someone tries to connect to a 'wrapped' service, it will access /etc/hosts.allow and /etc/hosts.deny to determine whether to allow the connection or not.

xinetd is a replacement for inetdacts as a 'super server' controlling connections to all services it manages. It can save system resources and provide logging facilities. It can also allow connections based on the time, as well as limit the number of connections or the load.

xinetd itself is a service wrapped by tcp wrappers. In other words xinetd makes use of tcp wrappers

I think these things are best explained with a diagram:
http://linux-rep.fnal.gov/rhl-rg-en-9/ch-tcpwrappers.html

For more on xinetd
http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/custom-guide/s1-services-tcp-wrappers.html

That should help you out,
_________________
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
http://tftfotw.blogspot.com
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:       
Post new topic   Reply to topic  Firewall.cx Forum Index » Firewall Filtering, IDS/IPS & Security


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum




smartDark Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group
 
Forums ©

© Copyright 2000-2010 Firewall.cx - All Rights Reserved

Copyright of all documents and images belonging to this site by Firewall.cx. Information contained on this site is copyrighted material.

It is illegal to copy or redistribute this information in any way without the written consent of Firewall.cx


Firewall.cx disclaims any responsibility for software and information obtained through this site or its links.


Page Generation: 0.35 Seconds