Hi.
Archlinux's developers are dropping tcp_wrappers support. Aren't CRUX devs doing to do the same step?
http://www.archlinux.org/news/dropping-tcp_wrappers-support/

Best regards
Sergei P.
_______________________________________________
CRUX mailing list
CRUX@lists.crux.nu
http://lists.crux.nu/mailman/listinfo/crux

* Johnny (gloomyquazar@mail.ru) wrote:
> Hi.

Hello!

> Archlinux's developers are dropping tcp_wrappers support. Aren't CRUX devs
> doing to do the same step?
> http://www.archlinux.org/news/dropping-tcp_wrappers-support/

"This is due to upstream not having released a new version since April 1997."
is NO argument. The security-side benefits may be doubted (ip addresses can be
forged). tcpwrappers allows one to block clients by netaddresses without the
need for iptables. It's easy and it's clean. Let's stick with tcp_wrappers.

regards, Thomas

--
Fiber optics caused gas main leak
_______________________________________________
CRUX mailing list
CRUX@lists.crux.nu
http://lists.crux.nu/mailman/listinfo/crux

On 11-08-10 17:18, Thomas Penteker wrote:

* Johnny (gloomyquazar@mail.ru) wrote:

Hi.


Hello!


Archlinux's developers are dropping tcp_wrappers support. Aren't CRUX devs
doing to do the same step?
http://www.archlinux.org/news/dropping-tcp_wrappers-support/


"This is due to upstream not having released a new version since April 1997."
is NO argument. The security-side benefits may be doubted (ip addresses can be
forged). tcpwrappers allows one to block clients by netaddresses without the
need for iptables. It's easy and it's clean. Let's stick with tcp_wrappers.

regards, Thomas



Furthermore, tcp_wrappers is not only about poor man's blocking /
allowing. For example, vsftpd uses it as a means to load per-ip specific
configuration files on the fly.

_______________________________________________
CRUX mailing list
CRUX@lists.crux.nu
http://lists.crux.nu/mailman/listinfo/crux