Linux.com: Linux Security: TCP-Wrappers?May 04, 2000, 11:34 (0 Talkback[s])
(Other stories by Scott Nipp)
"Linux, like any operating system, is only as secure as you make it. Any computer that is connected to a network, and especially the Internet, is susceptible to being compromised. Security is an issue that affects everyone from home users who may have credit card information and such to businesses that may have business plans and product design specifications stored on these systems. TCP-Wrappers is a software package available for Linux that greatly simplifies securing these systems."
"Unix networking is based on the concept of services. A Unix server provides a "service" to the rest of the network to which it is connected. These services, such as FTP or HTTP, then provide the functionality required. Linux being derived from Unix provides services in the same manner as other traditional Unix systems. There is a series of events that occurs to actually provide a network service, and understanding this series of events allows you to secure these services to prevent unauthorized access. In Linux, like Unix, this series of events is very well defined, and TCP-Wrappers is implemented to work within the structure of these events to enhance security."
"Many services are actually provided by another service called inetd. Inetd is commonly referred to as a "listener," because this service's job is to "listen" to the network for requests for incoming service. Inetd is typically started during the boot process and is configured through a couple files that work to define exactly what "services" will be provided. While inetd provides the mechanism for many services such as FTP and Telnet, many more services like mail and HTTP do not use this mechanism. For services that are provided via inetd, this is the first step in the process."