Details
TCP Wrappers is a host-based access control system that allows administrators to control
who has access to various network services based on the IP address of the remote end of
the connection. TCP Wrappers also provide logging information via syslog about both
successful and unsuccessful connections.
TCP Wrappers provides granular control over what services can be accessed over the
network. Its logs show attempted access to services from non-authorized systems, which
can help identify unauthorized access attempts.
Solution
To enable TCP Wrappers, run the following commands-1. Create and customize your policy in /etc/hosts.allow-# echo ‘ALL-
where each
‘192.168.1.0/255.255.255.0’) can represent one network block in use by your
organization that requires access to this system.2. Create a default deny policy in /etc/hosts.deny-# echo ‘ALL- ALL’ >/etc/hosts.deny3. Enable TCP Wrappers for all services started by inetd-# inetadm -M tcp_wrappers=TRUE To protect only specific inetd services, use the command-# inetadm -m [FMRI] tcp_wrappers=TRUE To enable TCP Wrappers for the RPC port mapping service, use the commands-# svccfg -s rpc/bind setprop config/enable_tcpwrappers=true
# svcadm refresh rpc/bindThe versions of SSH and sendmail that ship with Solaris 11 will automatically use
TCP Wrappers to filter access if a hosts.allow or hosts.deny file exists. To protect
UDP and RPC-based services that are spawned from inetd, consider implementing a
host-based firewall such as Solaris IP Filter. See ipfilter(5) for more information.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Unix.