1.概念
相比较于iptables来说,TCP_wrappers只对个别的TCP的特定服务起安全监测和访问控制的作用。
鉴别方法就是看该服务,是否调用libwrap.so库文件。
2.判断方式
举例
[root@oracle ~]# which sshd
/usr/sbin/sshd
[root@oracle ~]# ldd /usr/sbin/sshd
linux-vdso.so.1 => (0x00007ffe605ae000)
libfipscheck.so.1 => /lib64/libfipscheck.so.1 (0x00007f4ca7ee6000)
libwrap.so.0 => /lib64/libwrap.so.0 (0x00007f4ca7cdb000)
libaudit.so.1 => /lib64/libaudit.so.1 (0x00007f4ca7ab6000)
libpam.so.0 => /lib64/libpam.so.0 (0x00007f4ca78a8000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f4ca76a4000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f4ca7484000)
libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f4ca70a0000)
libutil.so.1 => /lib64/libutil.so.1 (0x00007f4ca6e9d000)
libz.so.1 => /lib64/libz.so.1 (0x00007f4ca6c86000)
libnsl.so.1 => /lib64/libnsl.so.1 (0x00007f4ca6a6d000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f4ca6836000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f4ca661b000)
libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007f4ca63d7000)
libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007f4ca60f0000)
libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007f4ca5ec3000)
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007f4ca5cbf000)
libnss3.so => /usr/lib64/libnss3.so (0x00007f4ca597f000)
libc.so.6 => /lib64/libc.so.6 (0x00007f4ca55ea000)
/lib64/ld-linux-x86-64.so.2 (0x0000003bd0c00000)
libfreebl3.so => /lib64/libfreebl3.so (0x00007f4ca53e7000)
libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007f4ca51db000)
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007f4ca4fd8000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f4ca4dbb000)
libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f4ca4b8e000)
libplc4.so => /lib64/libplc4.so (0x00007f4ca4989000)
libplds4.so => /lib64/libplds4.so (0x00007f4ca4785000)
libnspr4.so => /lib64/libnspr4.so (0x00007f4ca4546000)
librt.so.1 => /lib64/librt.so.1 (0x00007f4ca433e000)
[root@oracle ~]# ldd /usr/sbin/sshd | grep libwrap.so
libwrap.so.0 => /lib64/libwrap.so.0 (0x00007f70b6bef000)
[root@oracle ~]#
3.工作原理
4.TCP Wrappers的使用