FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CRUX > CRUX

 
 
LinkBack Thread Tools
 
Old 08-10-2011, 06:25 AM
Johnny
 
Default Dropping tcp_wrappers support.

Hi.
Archlinux's developers are dropping tcp_wrappers support. Aren't CRUX devs doing to do the same step?
http://www.archlinux.org/news/dropping-tcp_wrappers-support/

Best regards
Sergei P.
_______________________________________________
CRUX mailing list
CRUX@lists.crux.nu
http://lists.crux.nu/mailman/listinfo/crux
 
Old 08-10-2011, 03:18 PM
Thomas Penteker
 
Default Dropping tcp_wrappers support.

* Johnny (gloomyquazar@mail.ru) wrote:
> Hi.

Hello!

> Archlinux's developers are dropping tcp_wrappers support. Aren't CRUX devs
> doing to do the same step?
> http://www.archlinux.org/news/dropping-tcp_wrappers-support/

"This is due to upstream not having released a new version since April 1997."
is NO argument. The security-side benefits may be doubted (ip addresses can be
forged). tcpwrappers allows one to block clients by netaddresses without the
need for iptables. It's easy and it's clean. Let's stick with tcp_wrappers.

regards, Thomas

--
Fiber optics caused gas main leak
_______________________________________________
CRUX mailing list
CRUX@lists.crux.nu
http://lists.crux.nu/mailman/listinfo/crux
 
Old 08-10-2011, 08:31 PM
Michal Soltys
 
Default Dropping tcp_wrappers support.

On 11-08-10 17:18, Thomas Penteker wrote:

* Johnny (gloomyquazar@mail.ru) wrote:

Hi.


Hello!


Archlinux's developers are dropping tcp_wrappers support. Aren't CRUX devs
doing to do the same step?
http://www.archlinux.org/news/dropping-tcp_wrappers-support/


"This is due to upstream not having released a new version since April 1997."
is NO argument. The security-side benefits may be doubted (ip addresses can be
forged). tcpwrappers allows one to block clients by netaddresses without the
need for iptables. It's easy and it's clean. Let's stick with tcp_wrappers.

regards, Thomas



Furthermore, tcp_wrappers is not only about poor man's blocking /
allowing. For example, vsftpd uses it as a means to load per-ip specific
configuration files on the fly.

_______________________________________________
CRUX mailing list
CRUX@lists.crux.nu
http://lists.crux.nu/mailman/listinfo/crux
 

Thread Tools




All times are GMT. The time now is 03:17 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org