Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 12 Sep 1997 21:20:31 -0400 (EDT)
From:      spork <spork@super-g.com>
To:        Andreas Klemm <andreas@klemm.gtn.com>
Cc:        Torsten Blum <torstenb@onizuka.tb.9715.org>, mark@grondar.za, ports@FreeBSD.ORG, hackers@FreeBSD.ORG
Subject:   Re: Major bogon in tcp_wrappers port.
Message-ID:  <Pine.BSF.3.96.970912211638.12209B-100000@super-g.inch.com>
In-Reply-To: <19970912172743.64756@klemm.gtn.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
I'd just like to avoid the hassle of installing it on every machine...

I do think this could be made simple for the "dumb user" with a simple
question like "What hosts do you wish to allow to telnet to your machine?"
in sysinstall.

If incorporating it into the base is not acceptable, then I'll ask for a
knob in sysinstall here.  Installation time isn't the worst time to allow
a newbie to learn a bit about security...

Charles

On Fri, 12 Sep 1997, Andreas Klemm wrote:

> On Fri, Sep 12, 1997 at 10:58:42AM +0200, Torsten Blum wrote:
> > 
> > Everybody has different needs for security. There are more than enough
> > users who'll never need tcpwrapper because
> >  - they only have a small set of "services" running on these boxes
> >    (for example www server, dns, sendmail etc)
> >  - we have users who really don't care about security (sad but true).
> >    They never care to configure hosts.{allow,deny} or even check their
> >    logfiles
> >  - Machines without connections "external" connection
> > and many many more
> 
> ok, agreed.
> 
> > Andreas, have you _ever_ configured tcpd ? tcpd is not a standalone daemon.
> > To activate it, you have to modify inetd.conf. 
> 
> Yes I'm using it in the company for our secured FreeBSD internet
> gateway ...
> 
> > Don't get me wrong, I'm all for a "more" secure system, but you don't get
> > this out of the box. You _always_ have to configure something.
> 
> Ok, agreed. Peace man ;-)
> 
> -- 
> Andreas Klemm | klemm.gtn.com - powered by
>                     Symmetric MultiProcessor FreeBSD
>                        http://www.freebsd.org/~fsmp/SMP/SMP.html
>                           http://www.freebsd.org/~fsmp/SMP/benches.html
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970912211638.12209B-100000>