TCP Wrapper
E298651
TCP Wrapper is a host-based network access control system for Unix-like operating systems that filters incoming requests to network services based on configurable rules.
All labels observed (2)
| Label | Occurrences |
|---|---|
| TCP Wrapper canonical | 3 |
| libwrap | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T2795573 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: TCP Wrapper Context triple: [Wietse Venema, knownFor, TCP Wrapper]
-
A.
Netcat
Netcat is a versatile command-line networking utility used for reading from and writing to network connections, often referred to as the "Swiss Army knife" of TCP/IP.
-
B.
TCP/IP
TCP/IP is the fundamental communication protocol suite that enables data transmission and networking across the internet and most modern computer networks.
-
C.
netfilter
netfilter is a framework within the Linux kernel that provides packet filtering, network address translation (NAT), and other networking-related operations for implementing firewalls and traffic control.
-
D.
Ettercap
Ettercap is a network security tool used for sniffing, intercepting, and manipulating traffic on local area networks, commonly employed for man-in-the-middle attacks and protocol analysis.
-
E.
iptables
iptables is a widely used Linux userspace utility for configuring the kernel’s packet filtering and network address translation (NAT) firewall rules.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: TCP Wrapper Target entity description: TCP Wrapper is a host-based network access control system for Unix-like operating systems that filters incoming requests to network services based on configurable rules.
-
A.
Netcat
Netcat is a versatile command-line networking utility used for reading from and writing to network connections, often referred to as the "Swiss Army knife" of TCP/IP.
-
B.
TCP/IP
TCP/IP is the fundamental communication protocol suite that enables data transmission and networking across the internet and most modern computer networks.
-
C.
netfilter
netfilter is a framework within the Linux kernel that provides packet filtering, network address translation (NAT), and other networking-related operations for implementing firewalls and traffic control.
-
D.
Ettercap
Ettercap is a network security tool used for sniffing, intercepting, and manipulating traffic on local area networks, commonly employed for man-in-the-middle attacks and protocol analysis.
-
E.
iptables
iptables is a widely used Linux userspace utility for configuring the kernel’s packet filtering and network address translation (NAT) firewall rules.
- F. None of above. chosen
Statements (45)
| Predicate | Object |
|---|---|
| instanceOf |
host-based network access control system
ⓘ
security software ⓘ software ⓘ |
| accessDecisionBasis |
client address
ⓘ
daemon name ⓘ time of access (via external commands) ⓘ |
| canProtectServiceType |
TCP services
ⓘ
UDP services ⓘ |
| category |
Unix security software
ⓘ
network security software ⓘ |
| component |
TCP Wrapper
self-linksurface differs
ⓘ
surface form:
libwrap
tcpd ⓘ |
| configurationFile |
/etc/hosts.allow
ⓘ
/etc/hosts.deny ⓘ |
| controlsAccessTo | network services ⓘ |
| developedFor | daemon processes providing network services ⓘ |
| granularity |
per-host access control
ⓘ
per-service access control ⓘ |
| implements | wrapper daemon for network services ⓘ |
| license | permissive free software license ⓘ |
| loggingMethod | syslog ⓘ |
| operatingSystem | Unix-like operating systems ⓘ |
| primaryFunction |
filter incoming requests to network services
ⓘ
provide host-based access control ⓘ |
| replacedBy | firewall-based access control on many systems ⓘ |
| requires | services linked against libwrap or started via tcpd ⓘ |
| ruleEvaluationOrder | hosts.allow before hosts.deny ⓘ |
| securityModel | host-based access control ⓘ |
| status | considered legacy on many modern systems ⓘ |
| supportsFeature |
access control based on IP address
ⓘ
access control based on client host ⓘ access control based on daemon name ⓘ access control based on network ⓘ banner messages ⓘ integration with syslog ⓘ logging of connection attempts ⓘ shell command execution on access events ⓘ |
| supportsPlatform |
BSD
ⓘ
Linux ⓘ Solaris operating system ⓘ
surface form:
Solaris
Unix ⓘ |
| typicalUseCase |
restrict access to services like FTP
ⓘ
restrict access to services like SSH ⓘ restrict access to services like telnet ⓘ |
| usesMechanism | configurable access control rules ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: TCP Wrapper Description of subject: TCP Wrapper is a host-based network access control system for Unix-like operating systems that filters incoming requests to network services based on configurable rules.
Referenced by (4)
Full triples — surface form annotated when it differs from this entity's canonical label.