3.From the TCP Wrapper Administration menu, choose Display/Update Configuration to display a list of the services available on your system and the current access settings for each service.

4.Select the service for which you want to modify access. The TCP Wrapper Service Management form shows the current security setting for the service you chose and offers the settings described in Table 27.

Table 27 Network Service Access Options

Access Type

Description

everybody

Anyone on the network is granted access to the service

nobody

No user on the network is granted access to the service

local domain

Only those in the local domain are granted access to the service

customized

Anyone on the network matching the domain name(s), hostname(s), IPv4 address(s), or

 

IPv6 address(s) listed in the access list is granted or denied access to the service,

 

depending on the access control keyword (ALLOW or DENY) that you specify. See the

 

hosts_access(5) reference page for information on access list syntax.

5.Select the access setting you want to apply to the service and click on Submit.

Figure 42 shows the TCP Wrapper Service Management form for the remote login server (rlogind). To deny access to rlogind for all users on your system, select the option button for “Access is allowed for nobody? and click Submit.

Figure 42 Remote Login Server Dialog

To customize access to a service, select the option button for “Access is customized? and enter the access specification string in the accompanying field. For example:

foo.fsu.edu abc.company.com:ALLOW

In this example, any user in either the foo.fsu.edu or abc.company.com domain is allowed to log in remotely.

Note:

The access specification string must conform to the syntax described in the hosts_options(5) reference page, except that you do not specify the daemon_list argument.

Testing TCP Security Modifications

After you modify access to a service, follow these steps to test the modification:

TCP Wrapper Administration 169

Page 169
Image 169
HP UX Internet Express Software manual Testing TCP Security Modifications, Network Service Access Options