From owner-freebsd-security Thu Mar 25 12: 2:50 1999 Delivered-To: freebsd-security@freebsd.org Received: from portal.gmu.edu (portal.gmu.edu [129.174.1.8]) by hub.freebsd.org (Postfix) with ESMTP id A690E14D1D for ; Thu, 25 Mar 1999 12:02:40 -0800 (PST) (envelope-from egault@gmu.edu) Received: from dervish (dervish.irc.gmu.edu [129.174.48.75]) by portal.gmu.edu (8.8.8/8.8.8) with SMTP id PAA16353 for ; Thu, 25 Mar 1999 15:02:20 -0500 (EST) Message-Id: <4.1.19990325145000.00b63100@mason.gmu.edu> X-Sender: egault@mason.gmu.edu (Unverified) X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Thu, 25 Mar 1999 15:02:19 -0500 To: freebsd-security@freebsd.org From: Erik Gault Subject: xinetd vs. tcp_wrappers Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I hate to ask such an ignorant question as this but I spent quite a few hours trying to find information and didn't come up with as much as I'd hoped. I was interested in tightening up the security on my FreeBSD system and I'd read a bit about inetd not being particularly secure so I thought I'd look into what the options were for replacing it or putting additional software into place to improve the situation. I came across a number of inetd "replacements" including xinetd, netpipes, ucspi-tcp, etc. and also the tcp_wrappers program. Of all the programs I found xinetd and tcp_wrappers sounded like they were probably closest to what I wanted. I found plenty of information on tcp_wrappers and one Web site with information on xinetd (http://xinetd.synack.net) but what I couldn't find (and what I'm most interested in) was opinions from knowledgeable folks about what the "best" way to replace or deal with inetd is. Anybody have strong feelings about this? I sense tcp_wrappers is in widespread use but I couldn't get a feel for how widespread use of xinetd is. What do most security savvy system administrators use? Erik To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message