From: Eric Schuele
Date: Fri, 12 May 2006 19:44:42 -0500
To: Derek Ragona
Cc: wc_fbsd@xxiii.com, freeBSD Questions
Subject: Re: Pros and Cons of running under inetd....

Derek Ragona wrote:
> Yes it is still true today. The default system now has inetd running
> nothing. And the ports now install rc scripts for these reasons.
>

Not arguing here... everything I've found on the web says something similar. But why do we have inetd? I assume it solved a problem in the past, that no longer exists. Not to mention its spotted security history.

> For network daemons, when they are running in a listen mode there is no
> real overhead on the system.
>
> -Derek
>
> At 03:41 PM 5/12/2006, wc_fbsd@xxiii.com wrote:
>> At 04:25 PM 5/12/2006, you wrote:
>>> inetd running is discouraged. Instead run the daemons on boot using
>>> rc scripts. If you look back in the history, inetd running is a
>>> security risk, and was discouraged in the 5.X releases.
>>
>> Is that still really true? Waaayyy back when, inetd would have all
>> kinds of dangerous services enabled by default (allowing DOS stuff
>> like spewing "chargen" into "discard").
>>
>> But that was a configuration issue, and issues with the services it
>> launched; not with inetd itself.
>>
>> The authentication is still done within ftpd. You're just saving the
>> tiny overhead of running it all the time for occasional use. And
>> inetd does allow the tcpwrappers for anything it launches (obviously
>> the wrappers are compiled into many other things now, ftpd included.)
>>
>> -Wayne
>>
>

--
Regards,
Eric
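
The thread treats the old risk as a configuration matter: which services inetd has enabled. As an added example (not part of the original messages), this script lists the enabled entries of an inetd.conf-style file and flags the built-in small services such as chargen and discard. The function names and the sample file are constructed for illustration; on a real host, pass /etc/inetd.conf instead.

```shell
#!/bin/sh
# Added example: audit an inetd.conf-style file for enabled services.
# Entry fields: service socket-type proto wait/nowait user program [args...]

# Print every enabled (uncommented) entry as "service proto program".
enabled_inetd_services() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }   # skip comments and blank lines
        NF >= 6 { print $1, $3, $6 }
    ' "$1"
}

# Print enabled small services that inetd serves itself ("internal"),
# the kind of entries the thread describes as enabled by default long ago.
risky_internal_services() {
    enabled_inetd_services "$1" | awk '
        $3 == "internal" && $1 ~ /^(echo|discard|chargen|daytime|time)$/ {
            print $1 "/" $2
        }
    '
}

# Constructed sample configuration (not taken from any real system).
sample_conf() {
    cat <<'EOF'
# constructed sample for the audit below
ftp     stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -l
#telnet stream  tcp     nowait  root    /usr/libexec/telnetd    telnetd
chargen dgram   udp     wait    root    internal
discard dgram   udp     wait    root    internal
#echo   stream  tcp     nowait  root    internal
EOF
}

# Write the sample to a temporary file and report the flagged entries.
audit_sample() {
    tmp=$(mktemp) || return 1
    sample_conf > "$tmp"
    risky_internal_services "$tmp"
    rm -f "$tmp"
}

audit_sample
```

An empty result from `risky_internal_services` means none of the built-in small services are enabled; the remaining lines from `enabled_inetd_services` are the daemons inetd will still launch on demand.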