Guide to configuring TCP Wrappers
---------------------------------
This article is a general guide to configuring TCP Wrappers
on your system.
TCP Wrappers can deny access to services from certain hosts, from whole
domains, or from everyone, and will log the refusal to syslog.

Configuring
-----------
First, find the name of the service you want to block. It can usually
be obtained from /etc/inetd.conf.

Some common examples are:

    telnet     - telnetd
    finger     - fingerd
    ftp        - ftpd
    portmapper - portmap

The next step is to enter the information into /etc/hosts.equiv.
A sample entry to deny everyone access to fingerd is the following line:

    fingerd : ALL : banners /etc/banners/reject

This will deny all hosts from connecting to fingerd and, in place of the
service, will display the contents of the file /etc/banners/reject/fingerd.
(Note: you will most probably have to create this file.)

You can block specific hosts, or domains, with one of the following lines:

    fingerd : .this.host.com : banners /etc/banners/reject

-or-

    fingerd : .host.com : banners /etc/banners/reject

These examples will display a banner message in place of the service.
To block the host and display nothing, use the syntax:

    fingerd : .host.com : deny

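How rules of this form are matched, as an added example that is not part of the original article: a small Python evaluator for "daemon : client : option" lines, run over constructed sample rules. It follows the first-match-wins and leading-dot suffix semantics documented in hosts_access(5); the function names are hypothetical, and it handles only the ALL, leading-dot and exact-name patterns used on this page.

```python
# CONSTRUCTED sample rules, modelled on the article's fingerd lines.
SAMPLE_RULES = """\
# comment lines and blank lines are skipped
fingerd : .this.host.com : deny
fingerd : .host.com : banners /etc/banners/reject
ftpd : ALL : banners /etc/banners/reject
"""

def token_matches(token, value):
    """Match one daemon or client token: ALL, leading-dot suffix, or exact name."""
    token, value = token.lower(), value.lower()
    if token == "all":
        return True
    if token.startswith("."):
        # Suffix match: the name must be longer than the pattern, so
        # ".host.com" covers "a.host.com" but not the bare "host.com".
        return len(value) > len(token) and value.endswith(token)
    return token == value

def parse_rules(text):
    """Yield (daemons, clients, options) for each non-comment rule line."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2:
            continue  # malformed line: no client list
        daemons = fields[0].replace(",", " ").split()
        clients = fields[1].replace(",", " ").split()
        yield daemons, clients, fields[2:]

def first_match(text, daemon, client_host):
    """Return what the first matching rule requests, or None if nothing matches."""
    for daemons, clients, options in parse_rules(text):
        if not (any(token_matches(d, daemon) for d in daemons)
                and any(token_matches(c, client_host) for c in clients)):
            continue
        result = {"deny": False, "banner_file": None}
        for opt in options:
            words = opt.split()
            if words[:1] == ["deny"]:
                result["deny"] = True
            elif words[:1] == ["banners"] and len(words) == 2:
                # The banner text is read from <directory>/<daemon name>.
                result["banner_file"] = words[1].rstrip("/") + "/" + daemon
        return result  # search stops at the first matching rule
    return None
```

A return value of None means no rule matched that daemon and client, which is the case for the bare name host.com under a ".host.com" pattern.
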
That will get you started on blocking hosts using TCP Wrappers!
More advanced techniques can be found in the examples in /etc/hosts.equiv.

-- sparc
(jamie@jamiesdomain.co.uk)
© 1998 - 2008 Defcon1, www.defcon1.org , Copyrights for all materials on this web site are held by the individual authors, artists, photographers or creators. Materials may not be reproduced or otherwise distributed without permission
of www.defcon1.org and the content's original author.