From owner-freebsd-isp Thu May 14 07:31:18 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA08156 for freebsd-isp-outgoing; Thu, 14 May 1998 07:31:18 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from caladan.tdx.co.uk (caladan.tdx.co.uk [195.188.177.4]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA08148 for ; Thu, 14 May 1998 07:31:13 -0700 (PDT) (envelope-from kpielorz@tdx.co.uk) Received: from tdx.co.uk (lorca-tx.tdx.co.uk [195.188.177.242]) by caladan.tdx.co.uk (8.8.8/8.8.8) with ESMTP id PAA03712 for ; Thu, 14 May 1998 15:31:09 +0100 (BST) (envelope-from kpielorz@tdx.co.uk) Message-ID: <355B002E.4315383F@tdx.co.uk> Date: Thu, 14 May 1998 15:31:10 +0100 From: Karl Pielorz Organization: TDX X-Mailer: Mozilla 4.04 [en] (WinNT; I) MIME-Version: 1.0 To: isp@FreeBSD.ORG Subject: Question re. Inetd, security & Virtual Hosts Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Does anyone know of any problems with running inetd just for the primary interface on a FreeBSD system? My main concern was security (I don't really want telnetd listening on every IP interface the box has), so I now run: inetd -l -a primary.ip.address inetd -l -a secondary.ip.address And I don't run it for the other 8 IP addresses my system has... The only thing I've noticed is that inetd will also bind services to the 127.0.0.1 (loopback) address - but using the above it doesn't... Does this mean I should also do: inetd -l -a 127.0.0.1 ? Any comments on this like 'you must be mad' are welcome... ;-) On some servers I'd imagine it might save a lot of network sockets (e.g. 200 virtual servers would normally run 200 listeners for telnetd, pop3 etc. ;-) Regards, Karl Pielorz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message