tcp wrappers --with-tcp-wrappers
 

This is an excerpt from a security book and i have no idea how to do what they are saying. Maybe someone here knows what the author is talking about.

Many internet programs allow TCP wrappers to be compiled in, ahd Ssh is such an example. When configuring SSH, simply pass the configure program with the --with-tcp-wrappers option. You can then add an entry into /etc/hosts.allow such as:

sshd: .example.com .trusted_network.org trusted_machine.example.org

What i dont understand is the configure program with the --with-tcp-wrappers option. What the heck does it mean and how do i do it.

Thanks as always

:cry:

tcp wrappers is a further security feature that allows for services (controlled by xinetd, I believe) to be controlled through hosts.allow/hosts.deny options. If you want to get more technical, I believe the net 2-4 howto on http://www.linuxdoc.org has a more detailed explanation. (Can't hit the site right now to verify the name. Go to the alphabetical HTML listing and it should be there.)

Tip: If you have no idea what it is or how to use it, don't configure it until you've familiarized yourself a little more with the program/OS.

A small addition.
Any app that has been compiled with libwrap aka TCP Wrappers can use /etc/hosts.(allow,deny).

This also goes for apps started w/o using (x)inetd, because that's just a way of "serving" which. In some cases using (x)inetd causes performance penalties, like with sshd for example.