TCP WRAPPERS

TCP Wrappers is a program that is run before any configured tcp daemon is started by the inet daemon. Also greater logging capabilities are offered, along with restricting access to specific daemons from specific machines. This program increases the security of the box, but as the program is based around IP addresses and not MAC addresses, it would be very easy for an internal hacker to gain access to the box.

cd /usr/local/bin

gunzip tcp_wrappers_7.4.tar.gz

tar xvf tcp_wrappers_7.4.tar

cd tcp_wrappers_7.4

vi Makefile REAL_DAEMON_DIR=/usr/sbin                                      (sunos5 Section add after make statement) CC=gcc

vi inetcf.c                                                                                           change /etc/inet/inetd.conf to /etc/inetd.conf

make STYLE=-DPROCESS_OPTIONS sunos5 -DHOST_ACCESS


vi /etc/hosts

#
# BDS Ltd Hosts Names
#
127.0.0.1 localhost lh
#
192.168.128.128 User1
192.168.128.129 User2

vi /etc/hosts.allow

in.telnetd: User1 User2 lh
in.ftpd: lh

ALL : ALL : spawn /usr/local/bin/safe_finger -l @%c | /usr/bin/mailx -s "%d Connection from %c" access@bdsltd.co.uk \
: banners /etc/banners : linger 10

%c

This machine is owned and operated by Business Direct Services Ltd for the exclusive use of Business Direct Services Ltd employees. Your attempt to access this machine is not allowed.

Access to Business Direct Services Ltd computers is logged and monitored. If you use or attempt to use Business Direct Services Ltd systems, you consent to such monitoring and to adhere to Business Direct Services Ltd polices about appropriate use. If you do not agree, then do not attempt use of these systems. Unauthorised use of Business Direct Services Ltd computers may be illegal, and will be prosecuted.

If you have any questions about this message or policy, contact access@bdsltd.co.uk or call during business hours: 01344 460075

ps -aux | grep inetd

kill -HUP <PID>

vi /etc/inetd.conf