Chances are, SSH is being run from outside of xinetd. Same more than likely goes for your HTTPD server. These are normally run from outside of xinetd because xinetd is used primarily for services that are run infrequently. If you FTP to your box once in a blue moon, then this is a good choice for a service to run under xinet. Services that continually run on a server (such as HTTPD) generally do not run under xinet as each time a connection is attempted, the service would have to be started (possibly, depending on how it is set up for xinet), which takes time and extra CPU cycles and all.
I know that when I installed OpenSSH on our Solaris boxes, all I had to do to get them to check the hosts.allow file was to throw a switch when I was compiling it. When we used to run telnet, we had to specify TCP Wrappers in our inet settings for telnet to check hosts.allow.
I'm not really sure how to set up TCP Wrappers for SSH or HTTPD, but hopefully you can see why things aren't working as you'd thought. Should give you something to look at at least.
|