Various government entities may use it extensively. I don't recall if tcp_wrappers is in the USGCB baselines for RHEL, but I do believe its in several CIS benchmarks. On 03/20/2014 03:55 PM, Keith Keller wrote: > On 2014-03-20, Matthew Miller <mattdm at mattdm.org> wrote: >> What do you think? Do you rely on hosts.allow/hosts.deny a primary security >> mechanism? As defense-in-depth? Do you have policies which mandate it? > > I currently use it in conjunction with denyhosts, but have been > considering moving to something like sshguard with iptables instead. If > hosts.deny support disappeared then I would simply go that route when > necessary. > > May I ask what the reason is for considering dropping tcp wrappers > support? > > --keith > -- -- John Jasen (jjasen at realityfailure.org) -- No one will sorrow for me when I die, because those who would -- are dead already. -- Lan Mandragoran, The Wheel of Time, New Spring