Besides using a firewall, and SELinux, there are many ways to make our RHEL servers secure from crackers that are trying to break into our RHEL system, one of which is to use tcp_wrapper. This feature is activated automatically. One thing to take noted that inside this ” tcp_wrapper” there is a file called hosts.allow and hosts.deny. Tcp_ wrapper uses sequential system, which is followed from top to bottom. Here are theĀ workings / path on tcp_wrapper:
1. The system will first look into / etc / hosts.allow. If tcp_wrappers find the file, then the contents of the file will be given access and the system will not be looking into another directory.
2. Then, the system will search the directory / etc / hosts.deny. If it matches, then the search will be stopped and will run the contents of the directory.
3. Default. If not found all directory above then it will be allowed all.
An example command is:
#hosts.allow
ALL : .example.com
telnetd : 192.168.0.0/255.255.255.0 EXCEPT 192.168.0.79 sshd, in.tftpd : 192.168.1.10
The first line is a comment, the next line is to define the host example.com that can access to all services. The next line is to show that the telnet service can only be accessed from any host from the 192.168.0.0/24 segment except the IP address 192.168.0.79.
Below are examples of commands to hosts.deny:
#hosts.deny
ALL EXCEPT in.tftpd : .example.org telnetd : ALL EXCEPT 192.168.1.10 ALL:ALL
The first line is to deny all tftp services from all hosts except for example.com. The next line is to deny all traffic to the telnet service from all hosts except from ip address 192.168.1.10.
