Hi Beverly,

I think that the hosts.allow and hosts.deny files are both used by
tcpd, and if she's not running inetd, then she's probably not running
anything with the tcpd wrapper, in which case, whatever remaining
services she has won't use those files for keeping out intruders.

This is the way I think it works:

 inetd: looks up all the services in inetd.conf and connects them to
        their respective ports

 tcpd:  a wrapper for running those services, which reads hosts.allow
        and hosts.deny to determine whether a client has permissions
        to connect to that service.  tcpd is usually invoked in
        inetd.conf:

        telnet  stream  tcp     nowait  root    /usr/sbin/tcpd in.telnetd

 in.telnetd: one of the services that is run, wrapped by tcpd, managed
        by inetd.

So theoretically, one could run those services with the tcpd wrapper
directly, which would still give you that nice security layer.  But I
don't know how to do that.  :)

I hope I didn't confuse anyone.


-- 

-Alex Yan
 [EMAIL PROTECTED]


_______________________________________________
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk
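
Added example (not part of the message above): a shell check that reads an inetd.conf-style file and reports which enabled services are launched through tcpd, and are therefore subject to hosts.allow and hosts.deny, and which are started directly. The function names and the sample configuration are constructed for illustration; the column layout assumed is the one shown in the telnet line of the message.

```shell
#!/bin/sh
# Added example: classify enabled inetd.conf entries by whether tcpd wraps them.
# Assumed column layout (as in the telnet line quoted in the message):
#   service  socket_type  protocol  wait/nowait  user  server_program  arguments...

# Reads inetd.conf text from a file argument or from stdin.
# Prints one line per enabled service: "<service> <status> [<program>]".
audit_inetd_conf() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }                 # blank or commented-out entry
        NF < 6 { printf "%s malformed\n", $1; next }  # not enough columns to judge
        $6 == "internal" { printf "%s internal\n", $1; next }  # handled by inetd itself
        {
            n = split($6, parts, "/")                 # basename of server_program
            if (parts[n] == "tcpd") {
                target = (NF >= 7) ? $7 : "?"         # daemon that tcpd will exec
                printf "%s wrapped %s\n", $1, target
            } else {
                printf "%s UNWRAPPED %s\n", $1, $6    # hosts.allow/deny not consulted by tcpd
            }
        }
    ' "$@"
}

# Number of enabled services that bypass tcpd.
count_unwrapped() {
    audit_inetd_conf "$@" | awk '$2 == "UNWRAPPED" { n++ } END { print n + 0 }'
}

# Constructed sample input, not taken from any real host.
sample_inetd_conf() {
    cat <<'EOF'
# constructed sample inetd.conf
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd in.telnetd
ftp     stream  tcp     nowait  root    /usr/sbin/in.ftpd in.ftpd -l
#finger stream  tcp     nowait  nobody  /usr/sbin/tcpd in.fingerd
echo    stream  tcp     nowait  root    internal
EOF
}

sample_inetd_conf | audit_inetd_conf
```

The check only covers entries in the file it is given; daemons started outside inetd are not listed.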
