3.From the TCP Wrapper Administration menu, choose Display/Update Configuration to display a list of the services available on your system and the current access settings for each service.
4.Select the service for which you want to modify access. The TCP Wrapper Service Management form shows the current security setting for the service you chose and offers the settings described in Table 27.
Table 27 Network Service Access Options
Access Type | Description |
everybody | Anyone on the network is granted access to the service |
nobody | No user on the network is granted access to the service |
local domain | Only those in the local domain are granted access to the service |
customized | Anyone on the network matching the domain name(s), hostname(s), IPv4 address(s), or |
| IPv6 address(s) listed in the access list is granted or denied access to the service, |
| depending on the access control keyword (ALLOW or DENY) that you specify. See the |
| hosts_access(5) reference page for information on access list syntax. |
|
|
5.Select the access setting you want to apply to the service and click on Submit.
Figure 42 shows the TCP Wrapper Service Management form for the remote login server (rlogind). To deny access to rlogind for all users on your system, select the option button for “Access is allowed for nobody? and click Submit.
Figure 42 Remote Login Server Dialog
To customize access to a service, select the option button for “Access is customized? and enter the access specification string in the accompanying field. For example:
foo.fsu.edu abc.company.com:ALLOW
In this example, any user in either the foo.fsu.edu or abc.company.com domain is allowed to log in remotely.
Note:
The access specification string must conform to the syntax described in the hosts_options(5) reference page, except that you do not specify the daemon_list argument.
Testing TCP Security ModificationsAfter you modify access to a service, follow these steps to test the modification:
TCP Wrapper Administration 169