Red Hat Linux Reference Guide 8.0.93 Page 112f (9.4.3.2. Access Control Options) Add a note that it's almost always better to not use control options in xinetd but rely on hosts.(allow|deny) instead. In hosts.deny you can block everything with ALL: ALL and then allow the required services in hosts.allow. If you use only_from or no_access in the xinetd configuration files, you miss those programs that are not started using xinetd but are also using TCP wrappers. Mixing both is obviousely a bad idea, so use hosts.(allow|deny) instead.
There is talk of changing TCP wrappers infrastructure, so I did not "go there." I will leave this as an RFE for next round. Thanks again. Johnray
I have added this information to the most recent version. This chapter will be on the Docs Beta CD and in the final product. J