Hello,
>> Wouldn't you use iptables instead today? I know there are use cases >> where TCP wrapper would fit better. But aren't they rare? > TCP wrappers is much more efficient than Netfilter because it affects only > the establishment of a connection. When enabled, Netfilter checks every > network packet, which adds a significant overhead. Netfilter is for > routers, not for servers. Though I disagree on the point of netfilter being for routers, not for servers, I agree that for some usecases TCP wrappers are simply better suited. >> A lot of services still come with TCP wrappers enabled by default. But >> does that mean there are commonly in use today? I doubt it. > sshd? For several reasons, I mostly use vsftpd and nagios-nrpe with TCP wrappers if possible. >> "Understand the role of TCP wrappers. " >> /etc/hosts.allow >> and >> /etc/hosts.deny >> >> I'd recommend to remove it. > I'd be glad if we could keep it. As I understand LPIC-1 shows a candidate is able to work on "real-life" Linux systems. Out there, we have some "older" Enterprise Systems (RedHat, SUSE...) that are still under support and will be around for some years to come. Fromm y experience, they are not so view - so if someone is working with linux, he will have to deal with them. Some of these systems make use of xinetd. May be in the future this will be obsolete on some point (even though I realy don't see ist), but fort he next couple of years I don't think so. So I'd definitively recommend to keep it. Regards, Ortwin _______________________________________________ lpi-examdev mailing list [email protected] http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev ------------------------------------------------------------------------------------------ Ortwin Ebhardt Capricorn Consulting GmbH An Krietes Park 6 28307 Bremen Telefon: +49 421 98981-642 E-Mail: [email protected] Internet: www.capricorn.de Geschäftsführer: Thomas Bargfrede, Dipl.-Ing. Axel Buschmann, Thomas von Massenbach, Thomas Heuermann Registergericht: Amtsgericht Bremen, HRB 31421 ------------------------------------------------------------------------------------------ Die Capricorn-News versorgen Sie mit aktuellen Informationen aus der IT-Welt - Schauen Sie mal rein: www.capricorn.de *** In Kürze auch als News-Abo verfügbar *** _______________________________________________ lpi-examdev mailing list [email protected] http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
