Linux.com: Linux Security: TCP-Wrappers?

“Linux, like any operating system, is only as secure as you make
it. Any computer that is connected to a network, and especially the
Internet, is susceptible to being compromised. Security is an
issue that affects everyone from home users who may have credit
card information and such to businesses that may have business
plans and product design specifications stored on these systems.
TCP-Wrappers is a software package available for Linux that greatly
simplifies securing these systems.

“Unix networking is based on the concept of services. A Unix
server provides a “service” to the rest of the network to which it
is connected. These services, such as FTP or HTTP, then provide the
functionality required. Linux being derived from Unix provides
services in the same manner as other traditional Unix systems.
There is a series of events that occurs to actually provide a
network service, and understanding this series of events allows you
to secure these services to prevent unauthorized access. In Linux,
like Unix, this series of events is very well defined, and
TCP-Wrappers is implemented to work within the structure of these
events to enhance security.”

“Many services are actually provided by another service called
inetd. Inetd is commonly referred to as a “listener,” because this
service’s job is to “listen” to the network for requests for
incoming service. Inetd is typically started during the boot
process and is configured through a couple files that work to
define exactly what “services” will be provided. While inetd
provides the mechanism for many services such as FTP and Telnet,
many more services like mail and HTTP do not use this mechanism.
For services that are provided via inetd, this is the first step in
the process.”


Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis