Date: Thu, 25 Feb 1999 13:24:41 +0800 From: peter kok <peter@sweda.com.hk> To: freebsd <freebsd-questions@FreeBSD.ORG> Subject: 256 to 1024 Message-ID: <36D4DE99.C684C2F4@sweda.com.hk>
next in thread | raw e-mail | index | archive | help
Hello re: the site: http://www.freebsd.org/~jkb/howto.html#net i would like to know more about the services from 256 to 1024. what is service? ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// If you do decide to leave inetd running, then make sure to enable logging and to increase the number of times a service can be invoked in one minute. (The default is 256, I recommend 1024 - adjust it yourself as you see fit). If you are connecting with a slow link (a modem for example), this will not matter, but if you have a fast connection this "feature" can be used to create a DoS (Denial of Service) attack. Someone can create a simple shell script to invoke more then 256 connections to your computer which will cause your inetd service to shut down. On the other hand, if you want to support 1024 simultaneous connection to your box make sure you have hardware to support that. Or else someone can also cause DoS and crash your computer by opening 1024 telnet connections at one time. Hence, in the file /etc/rc.conf the line right below inetd_enable="YES" should be changed from: inetd_flags="" to: inetd_flags="-l -R 1024" this will turn on logging (-l switch) and increase maximum connection number to 1024 from the default 256. You will also need to change your syslog.conf file in /etc directory, but we will talk about syslogd later. //////////////////////////////// thank you To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?36D4DE99.C684C2F4>