Welcome to Firewall.cx - The Site For Networking Professionals

 
Modules
· Home
· Alternative Menu
· Amazon
· Cisco Decrypter
· Cisco Lab Partners
· Feedback
· Forums
· Max Arcade
· Private Messages
· Recommend Us
· Statistics
· Stories Archive
· Submit News
· Surveys
· Topics
· Web Links
· Your Account
 
Cisco Knowledgebase Articles
 
Site Info
Welcome, Anonymous
Nickname
Password
Security Code: Security Code
Type Security Code:

· Register
· Lost Password
Membership:
Latest: Check the profile of Krusty_47 Krusty_47
New Today: 4
New Yesterday: 7
Waiting: 1
Overall: 25794
People Online:
Visitors: 119
Members: 2
Hidden: 0
Total: 121
Online Now:
01: Check the profile of geet Send a quick private message to geet geet
02: Check the profile of S0lo Send a quick private message to S0lo S0lo
We received
75376362
page views since
15th September 2003
Hits New Today: 24326
Hits New Yesterday: 36694
 
Top Downloads
 
Gold Lab Partners


 
Firewall.cx - The Site For Networking Professionals: Forums

Firewall.cx :: View topic - tcp wrapper
Forums Home
Forum FAQ :: Search :: Memberlist :: Usergroups
Profile :: Log in to check your private messages :: Log in

tcp wrapper

 
Post new topic   Reply to topic    Firewall.cx Forum Index -> Firewall Filtering, IDS/IPS & Security
View previous topic :: View next topic  
Author Message
ice_hero
New Member
New Member


Joined: Sep 20, 2003
Posts: 9
PostPosted: Thu Oct 09, 2003 3:33 am    Post subject: tcp wrapper Reply with quote
I read some articles about tcp wrapper. why we actually need that if we already have packet filtering firewall installed?
so what actually the main purpose of tcp wrapper?
and how about xinet.d? aren't they doing the same thing?
thanks for any guide Very Happy
Back to top
View user's profile Send private message
sahirh
Associate Editor & Security Advisor


Joined: Aug 14, 2003
Posts: 1699
Location: Mumbai, India.
PostPosted: Thu Oct 09, 2003 6:50 am    Post subject: Reply with quote
TCP wrappers lets you add another layer of security, after your firewall.. it provides further access control and logging. When someone tries to connect to a 'wrapped' service, it will access /etc/hosts.allow and /etc/hosts.deny to determine whether to allow the connection or not.

xinetd is a replacement for inetdacts as a 'super server' controlling connections to all services it manages. It can save system resources and provide logging facilities. It can also allow connections based on the time, as well as limit the number of connections or the load.

xinetd itself is a service wrapped by tcp wrappers. In other words xinetd makes use of tcp wrappers

I think these things are best explained with a diagram:
http://linux-rep.fnal.gov/rhl-rg-en-9/ch-tcpwrappers.html

For more on xinetd
http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/custom-guide/s1-services-tcp-wrappers.html

That should help you out,
_________________
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
http://tftfotw.blogspot.com
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Firewall.cx Forum Index -> Firewall Filtering, IDS/IPS & Security All times are GMT + 2 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
© Copyright 2000-2009 Firewall.cx - All Rights Reserved

Copyright of all documents and images belonging to this site by Firewall.cx. Information contained on this site is copyrighted material. It is illegal to copy or redistribute this information in any way without the written consent of Firewall.cx

Firewall.cx disclaims any responsibility for software and information obtained through this site or its links.

Page Generation: 0.382 Seconds