[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rpm -qi --changelog tcp_wrappers



On Fri, 2005-06-03 at 01:02 -0400, Jude DaShiell wrote:
> response is: package tcp_wrappers is not installed.  You would think if a 
> cut down package were not being used, fedora would be happy to make that 
> fact known, I think.  

What?  Well, if you chose not to install it, you should not take that as
some sign that the distro is using a stripped version.

> That's why the warning from the friend I have that 
> handles stuff like this.  

Um, I am not sure what you mean by this.  How you can infer that somehow
the default version of tcp_wrappers is bad because it is not installed
is truly beyond me.  Install it and check the changelog.  If you don't
like what you see, then remove it.

> I will let him know the results I got tonight 
> doing that command he'll probably not be surprised.  

He might be surprised that you are thinking the distro is at fault
because you chose not to install something.

> By the way, I've been 
> told by my friend when you finally do get tcp_wrappers properly installed 
> and set up one of the things it does is to log all traffic in and out of 
> all ports on a computer 

Your friend needs to go back to school.  tcp_wrappers does nothing of
the sort.

> which is why tcp_wrapper's logs stand up in court. 

ROFL - no, the logs are just plain text.  Whether or not they are
admissible in court depends on a number of things, mostly involving
chain of custody of evidence, reliability of the witness and the methods
used for capturing and storing log files.

> Those have been and are accepted as evidence.  

Of course - if they meet the criteria of the court.

> I take it probably md5sums 
> or crc32 checks also happen and become part of those records so that 
> modification can't be done without also very effectively tampering with 
> those numbers and log's contexts.

No.

Seriously - your friend doesn't seem to really know what he is talking
about.  The version of tcp_wrappers that ships with the distro is built
from pristine sources with some patches from Red Hat for things like
ipv6 support and bugfixes.  It is, in all likelihood, better than
anything you could put together yourself.  There is no reason to think
that the version from Red Hat is in any way worse than one you could
build yourself.

Thomas


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]