Date: Tue, 13 Feb 2001 15:07:00 +0100 From: turbo23 <turbo23@gmx.net> To: Neil Blakey-Milner <nbm@mithrandr.moria.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Secure Servers (SMTP, POP3, FTP) Message-ID: <5.0.2.1.2.20010213150150.009f0620@mail.gmx.net> In-Reply-To: <20010213155212.A70601@rapier.smartspace.co.za> References: <5.0.2.1.2.20010213144216.00a80210@mail.gmx.net> <xzpelx2zp8h.fsf@flood.ping.uio.no> <Pine.BSF.4.10.10102132032160.51860-100000@cache.bi.itb.ac. id> <5.0.2.1.2.20010213144216.00a80210@mail.gmx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> > >or maybe you like to run ftpd with tcp-server, from mr. djb. > > >small, fast and easy to configure. > > > > You can also run ftpd with xinetd. It can also handle maximum number of > > connections. IMHO it isn't as fast as Bernsteins tcp-server but it's more > > secure than inetd. > >I'm not aware of any security issues in FreeBSD's inetd that involve it >running an external (ie, exec) service. Care for pointers? > >19 June 2000, xinetd had the following bug: > > Certain versions of xinetd have a bug in the access control > mechanism. If you use a hostname to control access to a service > (localhost instead of 127.0.0.1 ), xinetd will allow any connection > from hosts that fail a reverse look-up. > >Perhaps you mean inetd's on other systems (like those that don't have >connection limits, and those that turn services off for 10 minutes >without configurability on the amount of time turned off)? You're right. But we had troubles with some inetd and Linux machines. I thought this could be a problem with freebsd too. But I was wrong. Anwyway we are using tcpserver at the moment. regards Thomas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.0.2.1.2.20010213150150.009f0620>