20 Mar
2014
20 Mar
'14
8 p.m.
Various government entities may use it extensively. I don't recall if tcp_wrappers is in the USGCB baselines for RHEL, but I do believe its in several CIS benchmarks.
On 03/20/2014 03:55 PM, Keith Keller wrote:
On 2014-03-20, Matthew Miller mattdm@mattdm.org wrote:
What do you think? Do you rely on hosts.allow/hosts.deny a primary security mechanism? As defense-in-depth? Do you have policies which mandate it?
I currently use it in conjunction with denyhosts, but have been considering moving to something like sshguard with iptables instead. If hosts.deny support disappeared then I would simply go that route when necessary.
May I ask what the reason is for considering dropping tcp wrappers support?
--keith
--
-- John Jasen (jjasen@realityfailure.org)
-- No one will sorrow for me when I die, because those who would
-- are dead already. -- Lan Mandragoran, The Wheel of Time, New Spring