Date: Tue, 31 Jul 2001 22:45:30 -0600 (MDT) From: Nate Williams <nate@yogotech.com> To: Robert Watson <rwatson@FreeBSD.ORG> Cc: arch@FreeBSD.ORG, stable@FreeBSD.ORG Subject: Disabling portmapper (was Re: Patch to modify default inetd.conf, have sysinstall prompt to edit , inetd.conf) Message-ID: <15207.35178.61523.131897@nomad.yogotech.com> In-Reply-To: <Pine.NEB.3.96L.1010731233839.54921B-200000@fledge.watson.org> References: <Pine.NEB.3.96L.1010731233839.54921B-200000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> One of the observations that has been made fairly frequently to me is that > the current default inetd.conf puts many FreeBSD users at risk > unnecessarily, as many of them have moved to using SSH for remote access > needs. In particular in light of the recent ftpd and telnetd security > bugs, it seems like 4.4-RELEASE would be a good time to move to a more > conservative default of having both of these services disabled in the base > install, as both NetBSD and OpenBSD have moved to doing. In the same vein, shouldn't we also have the portmapper 'disabled' out of the box by default? I know we haven't (yet) had any remote exploits like Linux, but it may only be a matter of time. Plus, the crap filling up the logs could be argued as a type of DoS. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15207.35178.61523.131897>