Bug 607169 - Problems found in section 2.5 TCP Wrappers and xinetd
Summary: Problems found in section 2.5 TCP Wrappers and xinetd
Status: CLOSED NEXTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: doc-Security_Guide   
(Show other bugs)
Version: 6.0
Hardware: All Linux
low
high
Target Milestone: rc
: ---
Assignee: Scott Radvan
QA Contact: ecs-bugs
URL:
Whiteboard:
Keywords: Documentation
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-06-23 12:44 UTC by Miroslav Vadkerti
Modified: 2015-04-07 03:19 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-07-06 22:52:29 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Miroslav Vadkerti 2010-06-23 12:44:21 UTC
A. For rhel6 tcp_wrappers has been splitted to two packages (tcp_wrappers and tcp_wrappers-libs) and libwrap.a now resides in /lib (/lib64) dirs.

   *Original text:*
   The TCP Wrappers package (tcp_wrappers) is installed by default and provides host-based access
   control to network services. The most important component within the package is the /usr/lib/libwrap.a

B. Files /etc/hosts.{allow,deny} should not have a full stop at their ending 

   *Original text:*
   1. It references /etc/hosts.allow. - The TCP-wrapped service sequentially parses the /etc/
      hosts.allow file and applies the first rule specified for that service. If it finds a matching rule, it
      allows the connection. If not, it moves on to the next step.
   2. It references /etc/hosts.deny. - The TCP-wrapped service sequentially parses the /etc/
      hosts.deny file. If it finds a matching rule, it denies the connection. If not, it grants access to the
      service.

C. IMHO Guide should be guide 

    *Original text:*
    Note
    More information on the specialist terms above can be found elsewhere in this Guide:

D. This text seems to be incorrectly written to me (maybe I'm wrong though)
	
   *Original text:*
   It also checks that the service can have more resources allotted to it and that it is not in breach of any defined rules


E. correlate -> correlated? 

   *Original text:*
   2.5.4.2. The /etc/xinetd.d/ Directory
   The /etc/xinetd.d/ directory contains the configuration files for each service managed by xinetd
   and the names of the files correlate to the service.

F. This test has wrong IP adresses - they should be 172.16.45.0/24 and 172.16.45.107

   *Original text:*
   In this example, when a client system from the 10.0.1.0/24 network, such as 10.0.1.2, tries to
   access the Telnet service, it receives the following message:

Comment 2 RHEL Product and Program Management 2010-06-23 13:12:51 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 3 Scott Radvan 2010-07-06 22:52:29 UTC
have fixed all of these issues in source, changes will appear upon next publish.


Note You need to log in before you can comment on or make changes to this bug.