[CentOS] Does anyone use tcp wrappers (hosts.allow/hosts.deny) anymore?

Thu Mar 20 21:02:06 UTC 2014
m.roth at 5-cent.us <m.roth at 5-cent.us>

Matthew Miller wrote:
> Does anyone use tcp wrappers (hosts.allow/hosts.deny) anymore? And,
would you care strongly if it went away (or would you just migrate to
something else)?
>
> I bring this up because we are discussing dropping it from Fedora. This
would be far enough in the future that it wouldn't impact RHEL 7, and
therefore won't affect anyone here for Quite Some Time*, but here in the
new world order of CentOS, I thought it might be useful to check with
some actual downstream users.
>
> What do you think? Do you rely on hosts.allow/hosts.deny a primary
security mechanism? As defense-in-depth? Do you have policies which
mandate it?
>
Someone mentioned US gov't - we're a gov't agency (non-DoD), and I just
had a quick conversation with my manager. I know I haven't used it in a
*bunch* of years; his reaction was, "what's the point", with firewalls,
and tools like fail2ban.

We're ok if it goes away.

        mark "awk, on the other hand, you'll get away from me when you pry
my cold, dead
                fingers off the keyboard"