Date: Thu, 24 Dec 1998 09:18:20 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: "Joseph T. Lee" <nugundam@la.best.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Do I really need inetd? Message-ID: <199812241718.JAA27944@apollo.backplane.com>
next in thread | raw e-mail | index | archive | help
:On Thu, Dec 24, 1998 at 12:13:09AM -0500, Barrett Richardson wrote:
:> I have all my necessary network services running as daemons. In the
:> face of recent discoveries of problems caused for inetd by nmap
:> and various things I've come to the conclusion that I really don't
:> need inetd -- another variable I can eliminated from the mix.
:
:inetd centralizes the daemon management, besides providing some
:protection such as sandboxing said daemons instead of letting them all
:run as root as needed.
:
:In relation to the nmap thing, you can limit the number of daemon
:children/max connections per minute per IP through, to discourage DoS
:attacks.
Many months ago I added a max-connections and max-rate capability to
inetd. The parameters can be specified globally or on a per-service
basis. 'man inetd' for details.
-Matt
:--
:Joseph nugundam =best=com==/==\=IIGS=/==\=Playstation=/==\=Civic HX CVT=/==\
:# Anime Expo 1998 >> www.anime-expo.org/ >
:# Redline Games >> www.redlinegames.com/ >
:# Cal-Animage Epsilon >> www.best.com/~nugundam/epsilon/ >
:# EX: The Online World of Anime & Manga >> www.ex.org/ /
:
:To Unsubscribe: send mail to majordomo@FreeBSD.org
:with "unsubscribe freebsd-security" in the body of the message
:
Matthew Dillon Engineering, HiWay Technologies, Inc. & BEST Internet
Communications & God knows what else.
<dillon@backplane.com> (Please include original email in any response)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812241718.JAA27944>