[CentOS] Does anyone use tcp wrappers (hosts.allow/hosts.deny) anymore?

Keith Keller kkeller at wombat.san-francisco.ca.us
Thu Mar 20 19:55:56 UTC 2014


On 2014-03-20, Matthew Miller <mattdm at mattdm.org> wrote:
> What do you think? Do you rely on hosts.allow/hosts.deny a primary security
> mechanism? As defense-in-depth? Do you have policies which mandate it?

I currently use it in conjunction with denyhosts, but have been
considering moving to something like sshguard with iptables instead.  If
hosts.deny support disappeared then I would simply go that route when
necessary.

May I ask what the reason is for considering dropping tcp wrappers
support?

--keith

-- 
kkeller at wombat.san-francisco.ca.us





More information about the CentOS mailing list