Date: Thu, 24 Dec 1998 09:18:20 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: "Joseph T. Lee" <nugundam@la.best.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Do I really need inetd? Message-ID: <199812241718.JAA27944@apollo.backplane.com>
next in thread | raw e-mail | index | archive | help
:On Thu, Dec 24, 1998 at 12:13:09AM -0500, Barrett Richardson wrote: :> I have all my necessary network services running as daemons. In the :> face of recent discoveries of problems caused for inetd by nmap :> and various things I've come to the conclusion that I really don't :> need inetd -- another variable I can eliminated from the mix. : :inetd centralizes the daemon management, besides providing some :protection such as sandboxing said daemons instead of letting them all :run as root as needed. : :In relation to the nmap thing, you can limit the number of daemon :children/max connections per minute per IP through, to discourage DoS :attacks. Many months ago I added a max-connections and max-rate capability to inetd. The parameters can be specified globally or on a per-service basis. 'man inetd' for details. -Matt :-- :Joseph nugundam =best=com==/==\=IIGS=/==\=Playstation=/==\=Civic HX CVT=/==\ :# Anime Expo 1998 >> www.anime-expo.org/ > :# Redline Games >> www.redlinegames.com/ > :# Cal-Animage Epsilon >> www.best.com/~nugundam/epsilon/ > :# EX: The Online World of Anime & Manga >> www.ex.org/ / : :To Unsubscribe: send mail to majordomo@FreeBSD.org :with "unsubscribe freebsd-security" in the body of the message : Matthew Dillon Engineering, HiWay Technologies, Inc. & BEST Internet Communications & God knows what else. <dillon@backplane.com> (Please include original email in any response) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812241718.JAA27944>