On 03/20/2014 04:13 PM, Matthew Miller wrote: > On Thu, Mar 20, 2014 at 04:00:49PM -0400, John Jasen wrote: >> Various government entities may use it extensively. I don't recall if >> tcp_wrappers is in the USGCB baselines for RHEL, but I do believe its in >> several CIS benchmarks. > > Good question. I checked with both that and the DoD National Checklist > Program, and neither mention it. Also, unless I missed something else, the > USGCB covers RHEL 5, so there won't be any impact there. > > Are the CIS benchmarks something you could point me to? > https://benchmarks.cisecurity.org/tools2/linux/CIS_RHEL5_Benchmark_v1.1.pdf Also note, agencies or groups required to implement CIS or better who maintain a mixed environment may also use tcp_wrappers on all their platforms, as from a cursory glance, ever UNIX benchmark lists it. I would recommend against dropping tcp wrappers. -- -- John Jasen (jjasen at realityfailure.org) -- No one will sorrow for me when I die, because those who would -- are dead already. -- Lan Mandragoran, The Wheel of Time, New Spring