From owner-freebsd-security  Thu Dec 24 10:32:38 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id KAA02827
          for freebsd-security-outgoing; Thu, 24 Dec 1998 10:32:38 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from netbox.com (home.netbox.com [206.24.105.130])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA02822
          for <freebsd-security@FreeBSD.ORG>; Thu, 24 Dec 1998 10:32:36 -0800 (PST)
          (envelope-from jwgray@netbox.com)
Received: from localhost (jwgray@localhost)
	by netbox.com (8.8.8/8.8.7) with ESMTP id KAA07754;
	Thu, 24 Dec 1998 10:32:25 -0800 (PST)
	(envelope-from jwgray@netbox.com)
Date: Thu, 24 Dec 1998 10:32:25 -0800 (PST)
From: Jeff Gray <jwgray@netbox.com>
To: Matthew Dillon <dillon@apollo.backplane.com>
cc: "Joseph T. Lee" <nugundam@la.best.com>, freebsd-security@FreeBSD.ORG
Subject: Re: Do I really need inetd?
In-Reply-To: <199812241718.JAA27944@apollo.backplane.com>
Message-ID: <Pine.BSF.4.03.9812241030410.7639-100000@netbox.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Matt, 

Appreciate the suggestion.

To save some of us syntax problems maybe you could post the lines, ones
that work are always nice.

Thanks
Jeff  

On Thu, 24 Dec 1998, Matthew Dillon wrote:

> :On Thu, Dec 24, 1998 at 12:13:09AM -0500, Barrett Richardson wrote:
> :> I have all my necessary network services running as daemons. In the
> :> face of recent discoveries of problems caused for inetd by nmap
> :> and various things I've come to the conclusion that I really don't
> :> need inetd -- another variable I can eliminated from the mix.
> :
> :inetd centralizes the daemon management, besides providing some
> :protection such as sandboxing said daemons instead of letting them all
> :run as root as needed.
> :
> :In relation to the nmap thing, you can limit the number of daemon
> :children/max connections per minute per IP through, to discourage DoS
> :attacks.
> 
>     Many months ago I added a max-connections and max-rate capability to
>     inetd.  The parameters can be specified globally or on a per-service
>     basis.   'man inetd' for details.
> 
> 					-Matt
> 
> :-- 
> :Joseph nugundam =best=com==/==\=IIGS=/==\=Playstation=/==\=Civic HX CVT=/==\
> :#        Anime Expo 1998        >> www.anime-expo.org/                      >
> :#         Redline Games         >> www.redlinegames.com/                    >
> :#      Cal-Animage Epsilon      >> www.best.com/~nugundam/epsilon/          >
> :# EX: The Online World of Anime & Manga >> www.ex.org/                     /
> :
> :To Unsubscribe: send mail to majordomo@FreeBSD.org
> :with "unsubscribe freebsd-security" in the body of the message
> :
> 
>     Matthew Dillon  Engineering, HiWay Technologies, Inc. & BEST Internet 
>                     Communications & God knows what else.
>     <dillon@backplane.com> (Please include original email in any response)    
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message