[CentOS] Does anyone use tcp wrappers (hosts.allow/hosts.deny) anymore?
John Jasen
jjasen at realityfailure.org
Thu Mar 20 20:00:49 UTC 2014
Various government entities may use it extensively. I don't recall if
tcp_wrappers is in the USGCB baselines for RHEL, but I do believe its in
several CIS benchmarks.
On 03/20/2014 03:55 PM, Keith Keller wrote:
> On 2014-03-20, Matthew Miller <mattdm at mattdm.org> wrote:
>> What do you think? Do you rely on hosts.allow/hosts.deny a primary security
>> mechanism? As defense-in-depth? Do you have policies which mandate it?
>
> I currently use it in conjunction with denyhosts, but have been
> considering moving to something like sshguard with iptables instead. If
> hosts.deny support disappeared then I would simply go that route when
> necessary.
>
> May I ask what the reason is for considering dropping tcp wrappers
> support?
>
> --keith
>
--
-- John Jasen (jjasen at realityfailure.org)
-- No one will sorrow for me when I die, because those who would
-- are dead already. -- Lan Mandragoran, The Wheel of Time, New Spring
More information about the CentOS
mailing list