1834152 Members
2697 Online
110064 Solutions
New Discussion

TCPwrappers

 
SOLVED
Go to solution
Betty Fessler
Frequent Advisor

TCPwrappers

Is tcpwrappers part of SSH or Bastille for an HP-UX11.23 system? Do you need to be running the ssh daemon for it to work. I found tcpwrappers available for an 11.11 system but not for 11.23. Can tcpwrappers work on 11.11 independantly of having ssh or other software products installed. It says its a web upgrade
7 REPLIES 7
Joel Girot
Trusted Contributor
Solution

Re: TCPwrappers

Hi Betty

take a look at next link :
http://hpux.cs.utah.edu/hppd/hpux/Networking/Admin/tcp_wrappers-7.6/

The TCP Daemon (/usr/lbin/tcpd) is the TCP Wrappers daemon. if tcpd is on the system that indicate that TCP Wrappers are installed.

Hope it helps,
Joel
RAC_1
Honored Contributor

Re: TCPwrappers

HP's ssh comes with tcp built in. so if you installhp ssh, no need to install tcp wrappers seperately.
There is no substitute to HARDWORK
Juan M Leon
Trusted Contributor

Re: TCPwrappers

tcp wrappers is not a part of ssh. But you can install tcpwrappers from http://h20293.www2.hp.com/ just remenber that you will have to edit the host.allow file to allow ssh, tlenet and ftp to the server.
good luck
Sยภเl Kย๓คг
Respected Contributor

Re: TCPwrappers

Hi,

SSH for HP UNIX has inbulit TCPwrappers , You just need to configure it.

see the bellow given link to configure TCPwrappers with SSH. http://www.ssh.com/support/documentation/online/ssh/adminguide/32/Configuring_SSH_Secure_Shell_for_TCP_Wrappers_Support.html

Regards,
Sunil
Your imagination is the preview of your life's coming attractions
Senthil Prabu.S_1
Trusted Contributor

Re: TCPwrappers

Hi,
TCP wrapper doesn't comes with any version of HP-UX OSes, I guess. It has no role to play with ssh.

Basically, it is used to secure all the network services on the Os, like ftp, ssh etc. So, it is used to wrap the services with tcpd, so that the datas are encrpted.

And,What Are TCP Wrappers?

Daemons that are called from inetd that use tcp connections generally provide very little connection logging and tend to run promiscuously. Because we don't want our machine to be accessible to anyone with a computer and a network connection, we need a way to restrict access to services.

TCP wrappers allow you to define access privileges as broadly or as narrowly as you like while logging all connections

you should know more, before using them.
Plz refer following link to know more,

http://www.wright.edu/cats/catsweb/ns/osxs_sec/tcpw_install.html


HTH,
Prabu.S
One man's "magic" is another man's engineering. "Supernatural" is a null word.
Robert Fritz
Regular Advisor

Re: TCPwrappers

If you're trying to log or selectively block you traffic, you may also want to consider IPFilter. That does come with 11.23 and up, and can be easily configured using Bastille.

It should perform better than tcpwrappers, since its a kernel module, and also can perform logging, and fairly sophisticated blocking criteria.

If you want to perform arbitrary functions on connection, you may have to use tcpwrappers, but for most folks, I suspect IPFilter will do the job better.

For more info on IPFitler:
http://docs.hp.com/en/B9901-90021/index.html
Those Who Would Sacrifice Liberty for Security Deserve Neither." - Benjamin Franklin
Betty Fessler
Frequent Advisor

Re: TCPwrappers

Thanks everyone, I received all I need and more, some great links. Thanks again.