From owner-freebsd-questions@FreeBSD.ORG Sat May 13 00:42:59 2006 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 79ECE16A422 for ; Sat, 13 May 2006 00:42:59 +0000 (UTC) (envelope-from e.schuele@computer.org) Received: from rwcrmhc12.comcast.net (rwcrmhc12.comcast.net [216.148.227.152]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1E6C843D45 for ; Sat, 13 May 2006 00:42:59 +0000 (GMT) (envelope-from e.schuele@computer.org) Received: from [192.168.214.215] (c-24-1-232-64.hsd1.tx.comcast.net[24.1.232.64]) by comcast.net (rwcrmhc12) with ESMTP id <20060513004258m120041t3pe>; Sat, 13 May 2006 00:42:58 +0000 Message-ID: <44652B91.3030509@computer.org> Date: Fri, 12 May 2006 19:42:57 -0500 From: Eric Schuele User-Agent: Thunderbird 1.5.0.2 (X11/20060426) MIME-Version: 1.0 To: wc_fbsd@xxiii.com References: <4464B95D.1040702@computer.org> <20060512171515.GC34035@catflap.slightlystrange.org> <4464CEDA.80906@computer.org> <6.0.0.22.2.20060512152402.026a60c8@mail.computinginnovations.com> <6.2.3.4.2.20060512163433.02e85298@mailsvr.xxiii.com> In-Reply-To: <6.2.3.4.2.20060512163433.02e85298@mailsvr.xxiii.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freeBSD Questions Subject: Re: Pros and Cons of running under inetd.... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 May 2006 00:42:59 -0000 wc_fbsd@xxiii.com wrote: > At 04:25 PM 5/12/2006, you wrote: >> inetd running is discouraged. Instead run the daemons on boot using >> rc scripts. If you look back in the history, inetd running is a >> security risk, and was discouraged in the 5.X releases. > > Is that still really true? Waaayyy back when, inetd would have all > kinds of dangerous services enabled by default (allowing DOS stuff like > spewing "chargen" into "discard"). > > But that was a configuration issue, and issues with the services it > launched; not with inetd itself. > > The authentication is still done within ftpd. You're just saving the > tiny overhead of running it all the time for occasional use. And inetd > does allow the tcpwrappers for anything it launches (obviously the > wrappers are compiled into many other things now, ftpd included.) You say tcpwrappers are compiled into ftpd? Are you sure? How can I "enable" or otherwise use them? If I add things to hosts.allow they seem to have no influence. This would solve my problem as I would not need inetd. > > -Wayne > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > -- Regards, Eric