How to Use TCP Wrappers - Oracle® Solaris 11 Security Guidelines

Oracle^® Solaris 11 Security Guidelines

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Oracle^® Solaris 11 Security ... » Configuring Oracle Solaris Security » Protecting the Network » How to Use TCP Wrappers

Updated: August 2014

Oracle^® Solaris 11 Security Guidelines

Document Information

Using This Documentation

Chapter 1 About Oracle Solaris Security

Chapter 2 Configuring Oracle Solaris Security

Installing the Oracle Solaris OS

Initially Securing the System

How to Verify Your Packages

How to Verify That ASLR Is Enabled

How to Disable Unneeded Services

How to Remove Power Management Capability From Users

How to Place a Security Message in Banner Files

How to Set Stronger Password Constraints

How to Set Account Locking for Regular Users

How to Set a More Restrictive umask Value for Regular Users

How to Audit Significant Events in Addition to Login/Logout

How to Remove Unneeded Basic Privileges From Users

Protecting the Network

How to Use TCP Wrappers

Protecting File Systems

How to Limit the Size of the tmpfs File System

Protecting and Modifying Files

Securing System Access and Use

Protecting a Legacy Service With SMF

Configuring a Kerberos Network

Adding Labeled Multilevel Security

Configuring Trusted Extensions

Configuring Labeled IPsec

Chapter 3 Maintaining and Monitoring Oracle Solaris Security

Appendix A Bibliography for Oracle Solaris Security

Language:

How to Use TCP Wrappers

The following steps show three ways that TCP wrappers are used or can be used in Oracle Solaris.

Before You Begin

You must assume the root role to modify a program to use TCP wrappers.

You do not need to protect the sendmail application with TCP wrappers.
By default, it is protected with TCP wrappers, as described in Support for TCP Wrappers From Version 8.12 of sendmail in Managing sendmail Services in Oracle Solaris 11.2 .
To enable TCP wrappers for all inetd services, see How to Use TCP Wrappers to Control Access to TCP Services in Administering TCP/IP Networks, IPMP, and IP Tunnels in Oracle Solaris 11.2 .
Protect the FTP network service with TCP wrappers.
1. Follow the instructions in the /usr/share/doc/proftpd/modules/mod_wrap.html module.
  Because this module is dynamic, you must load it to use TCP wrappers with FTP.
2. Load the module by adding the following instructions to the proftpd.conf file:
```
# pfedit /etc/proftpd.conf
<IfModule mod_dso.c>
    LoadModule mod_wrap.c
</IfModule>
```
3. Restart the FTP service.
```
# svcadm restart svc:/network/ftp 
```

Copyright © 2011, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices