Date: Wed, 4 Apr 2001 18:40:03 -0500 From: Andrew Hesford <ajh3@chmod.ath.cx> To: Hervey Wilson <herveyw@dynamic-cast.com> Cc: Andrew Hesford <ajh3@chmod.ath.cx>, kam@salsolutions.net, freebsd-questions@FreeBSD.ORG Subject: Re: Does it matter? Message-ID: <20010404184003.A17459@cec.wustl.edu> In-Reply-To: <000f01c0bd57$eaebcbe0$0101a8c0@chillipepper>; from herveyw@dynamic-cast.com on Wed, Apr 04, 2001 at 03:38:05PM -0700 References: <F47KLpgTFur2iz2Mb1s00000c8b@hotmail.com> <20010404153222.A17093@cec.wustl.edu> <000f01c0bd57$eaebcbe0$0101a8c0@chillipepper>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 04, 2001 at 03:38:05PM -0700, Hervey Wilson wrote: > > From: "Andrew Hesford" <ajh3@chmod.ath.cx> > > > As it were, I use inetd to spawn Samba and Apache. The reason is quite > > simple... while maybe a bit more inefficient (as another reply > > suggests), I simply do not get enough http hits or SMB traffic to > > justify keeping a daemon running full-time. > > Interesting. I run Samba directly, not under inetd. My primary reason for > this is that smb.conf allows you control which interfaces samba listens on > and I can therefore restrict it to my internal interfaces and not expose it > to the outside world. By running it under inetd, won't this capability be > lost, since inetd will listen on all interfaces, and you'll have to be more > careful with the firewall ? > > H. I am careful with my firewall: I use ipfw and state-matching to block all TCP connections not originating from inside the firewall. Hence, no outside user can tamper with Samba unless I want to initiate the connection. -- Andrew Hesford ajh3@chmod.ath.cx To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010404184003.A17459>