From owner-freebsd-security Wed Aug 15 5:47:44 2001 Delivered-To: freebsd-security@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id DB45237B405; Wed, 15 Aug 2001 05:47:40 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15X06R-000FZ7-00; Wed, 15 Aug 2001 14:48:55 +0200 From: Sheldon Hearn To: Alexander Langer Cc: Robert Watson , security@FreeBSD.org Subject: Re: cvs commit: src/etc inetd.conf In-reply-to: Your message of "Wed, 15 Aug 2001 13:48:52 +0200." <20010815134852.B16184@zerogravity.kawo2.rwth-aachen.d> Date: Wed, 15 Aug 2001 14:48:54 +0200 Message-ID: <59836.997879734@axl.seasidesoftware.co.za> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 15 Aug 2001 13:48:52 +0200, Alexander Langer wrote: > We can disable binding to port 25 and local mail delivery will still > work. I also like disabling all other network services by default. > One of OpenBSD's argument is, that you then know what services you've > had enabled, and you then know, what to take care about. If you > missed a SA about some service you haven't enabled either, who cares? The only problem here is that FreeBSD could be seen as a system that does nothing out of the box. :-) This is not an unresolvable problem, it's just something that needs to be considered. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message