> 
> The "hosts.allow" and "hosts.deny" files are part of the "tcp-wrappers"
> package by Wietse Venema. You can install this package on any host, it
> compiles out of the box (as long as you don't have an SGI...), and does
> not need special support in the kernel. Basically, it replaces a couple
> of daemons (e.g. telnetd, logind, ftpd, etc.) and simply calls these to
> handle an incoming connection request only after having ascertained that
> the connecting host is in the trustworthy enough.

> It comes with extensive documentation on how to set it up, lots of hints
> on how to make your system (even more) secure, pointers to further info,
> etc. It is available via ftp, but I could not find the URL where I got it
> from. The documentation mentions ftp.win.tue.nl:/pub/security/ and
> cert.org:/pub/tools/tcp_wrappers/, but there definitely are other sites
> that have it (e.g. the Linux distribution sites).

Correct. I think folks have integrated it into NetBSD-current. I
think (they sure have been talking about it a fair bit on current-users).

Take care,

Bill