Bringing back tcp wrappers
Thomas Dwyer III
tomiii at tomiii.com
Thu Jun 24 04:47:15 AEST 2021
iptables is not an external app. It's never "down" any more than
/etc/hosts.deny is down. What can tcpwrappers do that iptables cannot do
even better?
Tom.III
On Wed, Jun 23, 2021 at 10:32 AM Saint Michael <venefax at gmail.com> wrote:
> any external app can be down at any time, while openssh remains active and
> exposed, BUT libwrap is baked into openssh, so the protection will hold.
> Libwrap is the last line of defense. Why remove it?
>
> On Wed, Jun 23, 2021 at 1:01 PM Lars Noodén <lars.nooden at gmx.com> wrote:
>
> > On 6/23/21 5:54 PM, Saint Michael wrote:
> > > I compiled the latest version, 8.1, inside Centos 7.9, and
> > [snip]
> >
> > What use-case would there be there for tcpwrappers that cannot be better
> > solved with a packet filter? In the case of CentOS 7 you have nftables
> > and iptables.
> >
> > /Lars
> >
> > _______________________________________________
> > openssh-unix-dev mailing list
> > openssh-unix-dev at mindrot.org
> > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
> >
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
More information about the openssh-unix-dev
mailing list