Current Path : /usr/src/contrib/tcp_wrappers/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
Current File : //usr/src/contrib/tcp_wrappers/BLURB |
@(#) BLURB 1.28 97/03/21 19:27:18 With this package you can monitor and filter incoming requests for the SYSTAT, FINGER, FTP, TELNET, RLOGIN, RSH, EXEC, TFTP, TALK, and other network services. The package provides tiny daemon wrapper programs that can be installed without any changes to existing software or to existing configuration files. The wrappers report the name of the client host and of the requested service; the wrappers do not exchange information with the client or server applications, and impose no overhead on the actual conversation between the client and server applications. This patch upgrades the tcp wrappers version 7.5 source code to version 7.6. The source-routing protection in version 7.5 was not as strong as it could be. And all this effort was not needed with modern UNIX systems that can already stop source-routed traffic in the kernel. Examples are 4.4BSD derivatives, Solaris 2.x, and Linux. This release does not introduce new features. Do not bother applying this patch when you built your version 7.x tcp wrapper without enabling the KILL_IP_OPTIONS compiler switch; when you can disable IP source routing options in the kernel; when you run a UNIX version that pre-dates 4.4BSD, such as SunOS 4. Such systems are unable to receive source-routed connections and are therefore not vulnerable to IP spoofing attacks with source-routed TCP connections. A complete change log is given in the CHANGES document. As always, problem reports and suggestions for improvement are welcome. Wietse Venema (wietse@wzv.win.tue.nl), Department of Mathematics and Computing Science, Eindhoven University of Technology, The Netherlands. Currently visiting IBM T.J. Watson Research, Hawthorne NY, USA.