FTP wrapper
 

Is there wrapper for ftp just like the sshd one?

both proftpd and wu-ftpd have an inetd wrapper, most distributions in my experience come with inetd (xinetd for red hat based distro's) already set up.

what about VsFTP and SUSE 9?

any idea?

i'm not familiar with vsftp or suse, but you can look through /etc/inetd.conf for any ftp wrappers.

i thought that inetd.conf is only for starting network services.

thats not excactly correct. inetd is the tcp-wrapper while programs such as proftpd, wu-ftpd, openssh, among others are capable of using tcp-wrappers. What a tcp-wrapper does is listen and accept connections to a port (generally 21 for ftp) and handle the connections. From there it forwards the data to the program (which isn't actually listening on any port, but listening to inetd). Hopefully I made that clear enough. The benefit of using tcp-wrappers, is you add another level of security to your program. With inetd in paticular it sends each connection through a series of tests, such as is this remote address in hosts.allow or hosts.deny? inetd is not the only tcpwrapper program, actually it has some major bugs such as it's "flaky" once it gets up to handleing 500+ concurrent connections. tcpserver by daniel j. bernstein is another more secure tcpwrapper that is commonly used.

from linuxgeek.net
TCPwrappers

The tcpwrappers replace a number of "listening" daemons with a single "master" daemon
that listens for service requests for several common services on the system. When a
request for a service is made the tcpwrapper (tcpd) "wakes" the daemon for that service.
This does two things. It saves on system resources, since only one process needs to be
running. It also gives more fine grained control over who will be allowed to access
services through access control lists.

The daemons that tcpwrappers ``listens'' for are all servers listed in /etc/inetd.conf.

I got is and it worked for vsftpd as below

vsftpd : ALL@MyIP

But what the ALL@ is for?

what file is that in?

Sorry?