Lab 15.1 on centos

tosmi

the solution for lab 15.1 does not work on centos, seems like systemd is not linked against libwrap:

# systemctl --version systemd 219 +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN

so when you start the telnet socket, telnet will be accessible despite denying all access via hosts.deny.

nevertheless xinetd uses libwrap, so starting in.telnetd via xinetd and denying all access works as expected.

just to be sure here is the content of my hosts.deny file:

all : all

and hosts.allow:

sshd : ALL

thanks toni

lee42x

Thank you for your input. The in.telnetd server used to use  libwrap.so  and would obey the hosts.allow/deny restrictions. It appears that this is no longer the case. We can use xinetd to superimpose libwrap restrictions on almost any service that xinetd launches. 

The lab exercise will be updated. 

Thank you for your input.

AudieMoradi

I also encountered this issue. It was very confusing that it didn't work. I will try what tosmi suggested.