On Fri, 2005-06-03 at 01:02 -0400, Jude DaShiell wrote: > response is: package tcp_wrappers is not installed. You would think if a > cut down package were not being used, fedora would be happy to make that > fact known, I think. What? Well, if you chose not to install it, you should not take that as some sign that the distro is using a stripped version. > That's why the warning from the friend I have that > handles stuff like this. Um, I am not sure what you mean by this. How you can infer that somehow the default version of tcp_wrappers is bad because it is not installed is truly beyond me. Install it and check the changelog. If you don't like what you see, then remove it. > I will let him know the results I got tonight > doing that command he'll probably not be surprised. He might be surprised that you are thinking the distro is at fault because you chose not to install something. > By the way, I've been > told by my friend when you finally do get tcp_wrappers properly installed > and set up one of the things it does is to log all traffic in and out of > all ports on a computer Your friend needs to go back to school. tcp_wrappers does nothing of the sort. > which is why tcp_wrapper's logs stand up in court. ROFL - no, the logs are just plain text. Whether or not they are admissible in court depends on a number of things, mostly involving chain of custody of evidence, reliability of the witness and the methods used for capturing and storing log files. > Those have been and are accepted as evidence. Of course - if they meet the criteria of the court. > I take it probably md5sums > or crc32 checks also happen and become part of those records so that > modification can't be done without also very effectively tampering with > those numbers and log's contexts. No. Seriously - your friend doesn't seem to really know what he is talking about. The version of tcp_wrappers that ships with the distro is built from pristine sources with some patches from Red Hat for things like ipv6 support and bugfixes. It is, in all likelihood, better than anything you could put together yourself. There is no reason to think that the version from Red Hat is in any way worse than one you could build yourself. Thomas
