|
|
tcpwrappers
|
|
|
|
Junior Member
Join Date: Dec 1999
Status:
Offline
|
|
Hi all,
Does OS X support tcpwrappers? I would feel more secure with a nicely configures set of /etc/hosts.deny and hosts.allow files.
tia,
Ben
|
|
|
|
|
|
|
|
|
Senior User
Join Date: Nov 2002
Location: US
Status:
Offline
|
|
I don't have an answer (I'm a newbie). Just want to revive this thread - so if you know how to make hosts.deny hosts.allow work in os x, or you know what's the equivalent in os x, just reply away. Thanks.
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Mar 2001
Location: Canmore, AB, Canada
Status:
Offline
|
|
Tcpd is not only supported in OS X, but installed by default. You can see this by looking inside /etc/inetd.conf. The standard services like ftp, telnet etc, normally loaded by inetd itself, are hidden behind /usr/libexec/tcpd. Remove the comment mark (#) from any service that you want to enable. Note that you have to signal the inetd daemon with SIGHUP to make it notice changes to inetd.conf. See 'man inetd' for details. Alternately, you can just reboot.
Here's a sample /etc/hosts.allow file:
# Allow hosts 123.456.789.102 and 123.543.654.876 all services
# (ie all services not commented out in inetd.conf)
ALL: 123.456.789.102 123.543.654.876: allow
# Deny access to all others
ALL: ALL: deny
|
Gary Finley
Director of Networking
Netera Alliance Inc.
|
|
|
|
|
|
|
|
Senior User
Join Date: Nov 2002
Location: US
Status:
Offline
|
|
hm... I didn't notice inetd was even started, cus I saw /etc/xinetd* and assumed OS X already switched to xinetd. So why is it the case that inetd is still used instead of xinetd?
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|