17.5.1. Installed Documentation

The bundled documentation on your system is a good place to start looking for additional TCP Wrappers, xinetd, and access control configuration options.

• /usr/share/doc/tcp_wrappers-<version>/ — This directory contains a README file that discusses how TCP wrappers work and the various hostname and host address spoofing risks that exist.

• /usr/share/doc/xinetd-<version>/ — This directory contains a README file that discusses aspects of access control and a sample.conf file with various ideas for modifying service-specific configuration files in the /etc/xinetd.d/ directory.

• TCP wrappers and xinetd related man pages — There are a number of man pages for the various applications and configuration files involved with TCP wrappers and xinetd. The following lists some of the more important man pages.

  Server Applications

  • man xinetd — The man page for the xinetd super service daemon.

  Configuration Files

  • man 5 hosts_access — The man page for the TCP wrappers hosts access control files.

  • man hosts_options — The man page for the TCP wrappers options fields.

  • man xinetd.conf — The man page listing xinetd configuration options.

17.5.2. Useful Websites

• http://www.xinetd.org/ — The home of xinetd, containing sample configuration files, a full listing of features, and an informative FAQ.

• http://www.macsecurity.org/resources/xinetd/tutorial.shtml — A thorough tutorial that discusses many different ways to tweak default xinetd configuration files to meet specific security goals.

17.5.3. Related Books

• Red Hat Enterprise Linux Security Guide; Red Hat, Inc. — Provides an overview of workstation, server, and network security with specific suggestions regarding TCP wrappers and xinetd.

• Hacking Linux Exposed by Brian Hatch, James Lee, and George Kurtz; Osbourne/McGraw-Hill — An excellent security resource with featuring information about TCP wrappers and xinetd.