The TCP wrappers feature mediates requests from clients to services, and control access based on rules that you define in the /etc/hosts.deny and /etc/hosts.allow files. You can restrict and permit service access for specific hosts or whole networks. A common way of using TCP wrappers is to detect intrusion attempts. For example, if a known malicious host or network attempts to access a service, you can deny access and send a warning message about the event to a log file or to the system console.

For more information, see Section 25.4, “About TCP Wrappers”.