From owner-freebsd-security Thu Mar 25 12:29:51 1999 Delivered-To: freebsd-security@freebsd.org Received: from mail.numachi.com (numachi.numachi.com [198.175.254.2]) by hub.freebsd.org (Postfix) with SMTP id 63A5214FBB for ; Thu, 25 Mar 1999 12:29:47 -0800 (PST) (envelope-from reichert@numachi.com) Received: (qmail 2325 invoked by uid 1001); 25 Mar 1999 20:29:26 -0000 Date: Thu, 25 Mar 1999 15:29:26 -0500 From: Brian Reichert To: freebsd-security@FreeBSD.ORG Subject: Re: xinetd vs. tcp_wrappers Message-ID: <19990325152926.G1474@numachi.com> References: <4.1.19990325145000.00b63100@mason.gmu.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95i In-Reply-To: <4.1.19990325145000.00b63100@mason.gmu.edu>; from Erik Gault on Thu, Mar 25, 1999 at 03:02:19PM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Mar 25, 1999 at 03:02:19PM -0500, Erik Gault wrote: > I was interested in tightening up the security on my FreeBSD system > and I'd read a bit about inetd not being particularly secure so I thought > I'd look into what the options were for replacing it or putting additional > software into place to improve the situation. I came across a number of > inetd "replacements" including xinetd, netpipes, ucspi-tcp, etc. and also > the tcp_wrappers program. FWIW, I'm using ucspi-tcp to handle things here. I've pulled inetd off of all our machines. Neither ucspi-tcp nor tcp_wrappers will launch UDP services, as far as I know. There are slight behavioral differences between them. Their respective authors seem to be in a feud, and there was a recent spat on BUGTRAQ about those differences. All of the tools listed solve differnent problem in sloghtly differeny ways; what are _your_ concerns? > > Erik > -- Brian 'you Bastard' Reichert reichert@numachi.com 37 Crystal Ave. #303 Current daytime number: (603)-434-6842 Derry NH 03038-1713 USA Intel architecture: the left-hand path To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message