My company ran cybercop on one of my servers and it came out with a TCP Wrappers Check with comments of why TCP wrapper installed ports 21 and 23 are vulnerable - how can I fix it? Thanks for your time and help.
Due to the nature of both Telnet & FTP services, they are sometimes hard to remove or shutdown on the system. TCP wrapper programs are used to control the access to these services by limiting access by Hosts and IP addresses. It works as an IP packet filtering facility and provides more specific control over Network services. It also makes use of the standard syslog facility to track local network use. TCP wrappers provide an Access control mechanism by using two files host.deny and host.allow which you install in /etc. You can download a precompiled copy of tcp_wrappers from ftp://ftp.uwsg.indiana.edu/pub/security/wrapbin.
If you are not familiar with the installation, the instructions are available in text format with examples on how to configure host.deny and host.allow files.
Hope this helps. Please write back if you need any more information.
Dig Deeper on Network protocols and standards
Related Q&A from Puneet Mehta
To view network security expert Puneet Mehta's latest advice, see his Public Profile on the IT Knowledge Exchange: https://... Continue Reading
Find out if there's a difference between a virtual private network (VPN) concentrator and a network access server (NAS) in this explanation from our ... Continue Reading
Our network security expert explains how to keep unauthorized users from accessing your router's IP address for Internet access in this advice ... Continue Reading