1@(#) BLURB 1.28 97/03/21 19:27:18 2 3With this package you can monitor and filter incoming requests for the 4SYSTAT, FINGER, FTP, TELNET, RLOGIN, RSH, EXEC, TFTP, TALK, and other 5network services. 6 7The package provides tiny daemon wrapper programs that can be installed 8without any changes to existing software or to existing configuration 9files. The wrappers report the name of the client host and of the 10requested service; the wrappers do not exchange information with the 11client or server applications, and impose no overhead on the actual 12conversation between the client and server applications. 13 14This patch upgrades the tcp wrappers version 7.5 source code to 15version 7.6. The source-routing protection in version 7.5 was not 16as strong as it could be. And all this effort was not needed with 17modern UNIX systems that can already stop source-routed traffic in 18the kernel. Examples are 4.4BSD derivatives, Solaris 2.x, and Linux. 19 20This release does not introduce new features. Do not bother applying 21this patch when you built your version 7.x tcp wrapper without 22enabling the KILL_IP_OPTIONS compiler switch; when you can disable 23IP source routing options in the kernel; when you run a UNIX version 24that pre-dates 4.4BSD, such as SunOS 4. Such systems are unable to 25receive source-routed connections and are therefore not vulnerable 26to IP spoofing attacks with source-routed TCP connections. 27 28A complete change log is given in the CHANGES document. As always, 29problem reports and suggestions for improvement are welcome. 30 31 Wietse Venema (wietse@wzv.win.tue.nl), 32 Department of Mathematics and Computing Science, 33 Eindhoven University of Technology, 34 The Netherlands. 35 36 Currently visiting IBM T.J. Watson Research, Hawthorne NY, USA. 37