Hello all,
i want to use TCP wrapper, but first i need to check if its in the system or not, if ssh is configured with it or not
how can i find out if i have TCP wrapper on my system (Solaris 10)
and if OpenSSH is compiled with the --with-tcp-wrappers option
BR,
RIP Nix
I used to use it and believe that it is in their by default. All you need to do is add the host.allow and host.deny files. If I remember correctly.
I moved away from them to ipfilter and sshblack though. I found that if somebody is poking around at my servers it is better to let them attempt to log in and then block them from all ports and protocols (1 strike and your out, misbehavior on port 80 is treated the same), rather then just letting them keep poking at the server trusting tcp wrappers to keep them out.
Although tcp wrappers should be nearly perfect protection (for TCP) it became a redundant annoyance for me instead of the kiddies.
Solaris 10 has a TCP wrapper package. Check with pkginfo SUNWtcpd. If it returns something, then the TCP wrappers is installed.
For Solaris 10, I would also use the SSH packages that are available through Sun instead of OpenSSH. The Sun version works with the services framework, and it interoperates with OpenSSH.
