Date: Mon, 02 Oct 2000 18:59:08 -0600 From: Brett Glass <brett@lariat.org> To: Jordan Hubbard <jkh@winston.osd.bsdi.com>, Alfred Perlstein <bright@wintelcom.net> Cc: security@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <4.3.2.7.2.20001002185439.044cff00@localhost> In-Reply-To: <78689.970533567@winston.osd.bsdi.com> References: <Message from Alfred Perlstein <bright@wintelcom.net> <20001002172133.B27736@fw.wintelcom.net>
next in thread | previous in thread | raw e-mail | index | archive | help
My personal preference would be to lose telnet and ftp too (or at least offer this as an option) and enable sshd (which gives you ssh and scp instead). Since I realise that not everyone would want this, there should be an alternative inetd.conf that's more insecure by default. (The user should be warned that he's enabling protocols with plaintext passwords.) I just reviewed the three options in 4.1.1, and I think that they are a good start. However, there's not enough information about what they do! It'd be nice to see more detail (perhaps by hitting F1 for help). As for munging inetd.conf: It'd be nice, but offering several alternative files and switching between them would be fine. So would doing a "cat" of hunks of the file to assemble it; minimal intelligence is needed for this. --Brett At 06:39 PM 10/2/2000, Jordan Hubbard wrote: >> Can we please loose everything but telnet and ftp? This getting > >That wouldn't bother me at all. I'd even say lose ftp, but sysinstall >asks about it right now and we'd have to disable that functionality or >teach sysinstall about grubbing in inetd.conf files before it would be >a truly practical suggestion. > >- Jordan > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20001002185439.044cff00>