Date: Fri, 12 May 2006 20:18:16 -0500 From: Derek Ragona <derek@computinginnovations.com> To: Eric Schuele <e.schuele@computer.org>, FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Pros and Cons of running under inetd.... Message-ID: <6.0.0.22.2.20060512201510.026ddce0@mail.computinginnovations.com> In-Reply-To: <44652C7D.4040604@computer.org> References: <4464B95D.1040702@computer.org> <20060512171515.GC34035@catflap.slightlystrange.org> <4464CEDA.80906@computer.org> <20060512202934.GE34035@catflap.slightlystrange.org> <44652C7D.4040604@computer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Simply reinstall what ever ported apps you are using and look for a sample
startup script in /usr/local/etc/rc.d, or look in /etc/defaults/rc.conf for
the settings to override in /etc/rc.conf to run any standard system
services at boot.
You can search the old security lists or look in SANS archives on the
actual exploits about inetd.
-Derek
At 07:46 PM 5/12/2006, Eric Schuele wrote:
>Daniel Bye wrote:
>>On Fri, May 12, 2006 at 01:07:22PM -0500, Eric Schuele wrote:
>>>Although I am curious about ftpd and tcpwrappers.... I am also
>>>interested in whether or not running these daemons under inetd is
>>>preferred or not. If so why? If not, why?
>>Certainly for anything that has a reasonably expensive start up, such as
>>sshd, you will probably want to run it as a standalone daemon, because
>>it's easier on the system to start it up only once and then fork a new
>>child for each client connection.
>>On the other hand, using inetd will allow you to have only one
>>'superserver' running, which can spawn the appropriate daemon as
>>required. This means that you won't have idle daemons lying around, as
>>they are cleaned up once the session ends.
>>One obvious shortcoming, as you point out, is that the stock ftpd
>>doesn't seem to understand how to consult /etc/hosts.allow, so if you
>>have one configured already, then you might want to use inetd to control
>>ftpd. There may be alternative ftpd servers in the ports that do know
>>how to use tcpwrappers, but I've never used any others so don't know.
>>So, I suppose the real answer to your question is that you should use
>>inetd if you need to use one of the features that it provides, such as
>>tcpwrappers. I can't think of any reason to not use inetd, and I
>>haven't heard any reasonable arguments suggesting it's particularly bad
>>for your health. YMMV, etc.
>
>Thanks for the response. I'm of a similar opinion. For this particular
>application (my laptop and occasional use, plus its usually ipfw'd away
>from the world) I think its fine... and unless I find another solution,
>I'll probably run ftpd under inetd, and sshd standalone.
>
>>Dan
>
>
>--
>Regards,
>Eric
>_______________________________________________
>freebsd-questions@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>
>--
>This message has been scanned for viruses and
>dangerous content by MailScanner, and is
>believed to be clean.
>MailScanner thanks transtec Computers for their support.
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.0.22.2.20060512201510.026ddce0>