tcpd is use as a access control facility for internet services. It can be set up to monitor incoming requests for telnet, sshd, finger, ftp, exec, rsh, rlogin, tftp, talk, comsat and other services that have a one-to-one mapping onto executable files.
These days almost all leading Linux distros network services are linked against libwrap.a in order to take advantage of the tcpwrappers access control facility.
However some time few services (especially third party apps) does not link itself against libwrap.
You can easily find out if particler installed network service is NOT linked against libwrap.s / tcpd using strings command.
strings command print the strings of printable characters in files especially binary files thus strings is mainly useful for determining the contents of non-text / binary files.
For example find out if sshd network service can use tcpd or not:
$ strings $(which sshd)| grep libwrap
Output:
libwrap.so.0 libwrap refuse returns
Above output, clearly indicate that sshd is linked against libwrap.s / tcpd (TCPWrapper) service. See how to use tcpd to restrict ssh access.
Update:
Sean pointed out ldd command:
$ ldd /usr/sbin/sshd | grep -i libwrapOR# ldd $(which sshd) | grep -i libwrap
Output:
libwrap.so.0 => /lib/libwrap.so.0 (0x40020000)
- RSS feed or Weekly email newsletter
- Share on Twitter • Facebook • 2 comments... add one ↓
Linux Commands For Shared Library Management & Debugging Problem
21 Examples To Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
40 Linux Server Hardening Security Tips [2019 edition]
Top 20 OpenSSH Server Best Security Practices
Linux 25 PHP Security Best Practices For Sys Admins
Top 25 Nginx Web Server Best Security Practices
Linux Configure rssh Chroot Jail To Lock Users To Their Home Directories Only
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
There’s also ldd:
$ ldd /usr/sbin/sshd | grep wrap
libwrap.so.0 => /usr/lib/libwrap.so.0 (0x00cc3000)
Sean
Thanks for pointing out ldd.
Appreciate your post.