Date: Fri, 9 Aug 2013 20:37:46 +0000 (UTC) From: Warren Block <wblock@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r42525 - head/en_US.ISO8859-1/books/handbook/network-servers Message-ID: <201308092037.r79KbkN2013885@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: wblock Date: Fri Aug 9 20:37:45 2013 New Revision: 42525 URL: http://svnweb.freebsd.org/changeset/doc/42525 Log: Clarify, improve language and tags. Committed version is a modified version of patch included in PR, thanks to Ken Reed. PR: docs/181117 Submitted by: Ken Reed <kreed002@gmail.com> Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Aug 8 17:21:07 2013 (r42524) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Fri Aug 9 20:37:45 2013 (r42525) @@ -22,13 +22,14 @@ <sect1 id="network-servers-synopsis"> <title>Synopsis</title> - <para>This chapter will cover some of the more frequently used - network services on &unix; systems. We will cover how to - install, configure, test, and maintain many different types of - network services. Example configuration files are included - throughout this chapter for you to benefit from.</para> + <para>This chapter covers some of the more frequently used + network services on &unix; systems. This includes + installing, configuring, testing, and maintaining + many different types of network services. Example + configuration files are included throughout this + chapter for reference.</para> - <para>After reading this chapter, you will know:</para> + <para>By the end of this chapter, readers will know:</para> <itemizedlist> @@ -38,11 +39,13 @@ </listitem> <listitem> - <para>How to set up a network file system.</para> + <para>How to set up the Network File System + (<acronym>NFS</acronym>).</para> </listitem> <listitem> - <para>How to set up a network information server for sharing + <para>How to set up the Network Information Server + (<acronym>NIS</acronym>) for centralizing and sharing user accounts.</para> </listitem> @@ -52,27 +55,23 @@ </listitem> <listitem> - <para>How to set &os; up to act as an <acronym>LDAP</acronym> - server or client</para> - </listitem> - - <listitem> <para>How to set up automatic network settings using - DHCP.</para> + <acronym>DHCP</acronym>.</para> </listitem> <listitem> - <para>How to set up a domain name server.</para> + <para>How to set up a Domain Name Server + (<acronym>DNS</acronym>).</para> </listitem> <listitem> <para>How to set up the <application>Apache</application> - HTTP Server.</para> + <acronym>HTTP</acronym> Server.</para> </listitem> <listitem> - <para>How to set up a File Transfer Protocol (FTP) - Server.</para> + <para>How to set up a File Transfer Protocol + (<acronym>FTP</acronym>) server.</para> </listitem> <listitem> @@ -82,7 +81,8 @@ <listitem> <para>How to synchronize the time and date, and set up a - time server, with the NTP protocol.</para> + time server using the Network Time Protocol + (<acronym>NTP</acronym>).</para> </listitem> <listitem> @@ -93,20 +93,19 @@ </itemizedlist> - <para>Before reading this chapter, you should:</para> + <para>This chapter assumes a basic knowledge of:</para> <itemizedlist> <listitem> - <para>Understand the basics of the - <filename>/etc/rc</filename> scripts.</para> + <para><filename>/etc/rc</filename> scripts.</para> </listitem> <listitem> - <para>Be familiar with basic network terminology.</para> + <para>Network terminology.</para> </listitem> <listitem> - <para>Know how to install additional third-party + <para>Installation of additional third-party software (<xref linkend="ports"/>).</para> </listitem> @@ -167,20 +166,14 @@ <para><application>inetd</application> is initialized through the &man.rc.8; system. The <literal>inetd_enable</literal> option is set to - <literal>NO</literal> by default, but may be turned on - by <application>sysinstall</application> during installation, - depending on the configuration chosen by the user. - Placing:</para> + <literal>NO</literal> by default. It can be enabled + by placing:</para> <programlisting>inetd_enable="YES"</programlisting> - <para>or</para> - - <programlisting>inetd_enable="NO"</programlisting> - <para>into - <filename>/etc/rc.conf</filename> will enable or disable - <application>inetd</application> starting at boot time. + <filename>/etc/rc.conf</filename>. + <application>inetd</application> will now start at boot time. The command:</para> <screen>&prompt.root; <userinput>service inetd rcvar</userinput></screen> @@ -512,14 +505,15 @@ server-program-arguments</programlisting because they provide information that may be useful to an attacker.</para> - <para>Some daemons are not security-conscious and have long, or - non-existent, timeouts for connection attempts. This allows - an attacker to slowly send connections to a particular daemon, - thus saturating available resources. It may be a good idea to - place <option>max-connections-per-ip-per-minute</option>, - <option>max-child</option> or - <option>max-child-per-ip</option> limitations on certain - daemons if there are too many connections.</para> + <para>Some daemons are not security-conscious and have long or + non-existent timeouts for connection attempts. An attacker + can send connections to a particular daemon, eventually + consuming available resources and resulting in a Denial of + Service (<acronym>DoS</acronym>). + <literal>max-connections-per-ip-per-minute</literal>, + <literal>max-child</literal> and + <literal>max-child-per-ip</literal> can be used to limit + such attacks.</para> <para>By default, TCP wrapping is turned on. Consult the &man.hosts.access.5; manual page for more information on
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201308092037.r79KbkN2013885>