Hi,

Which common applications still use TCP wrappers, these days ?

i.e. which software is compiled with the libwrap library which requires editing of the hosts.allow and hosts.deny files to allow access.

The following are compiled with libwrap that I can think of :
With xinetd, I can see that it's linked with the libwrap library, however what always confuses me is that you can specify the hosts in xinetd.conf. So should xinetd services IP allow access lists also be configured in hosts.allow and hosts.deny ?

Generally speaking, is libwrap deprecated ?

Thanks

See for yourself:

No, Xinetd uses its own configuration files only.


As long as you understand the caveats listed in the documentation and as long as you are aware that packets are passed on to and processed by the application, instead of being blocked at the network level like you would have Netfilter do, it's still useful as part of a multi-layered approach to access restriction.

1 members found this post helpful.

Returns the following packages below.

So you can add sendmail, snmp, stunnel, rpcbind, vsftpd, rpc.rquotad, ypserv, vsftpd to the list above.

These are useful to know when building boxes and fine-tuning the granularity of security.

Did I miss anything else that is popular ?

Actually, xinetd can use TCP Wrappers settings http://www.linuxtopia.org/online_boo...-wrappers.html, but to avoid confusion, some people stick with TCP Wrappers only for those that have it built-in and xinetd ctrl for those that don't.