Date: Mon, 26 Jun 2000 09:47:59 -0700 From: "Jordan K. Hubbard" <jkh@zippy.osd.bsdi.com> To: Will Andrews <andrews@technologist.com> Cc: arch@FreeBSD.ORG Subject: Re: Disabling inetd? Message-ID: <2962.962038079@localhost> In-Reply-To: Your message of "Mon, 26 Jun 2000 05:35:25 EDT." <20000626053525.U85886@argon.gryphonsoft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> What are people's opinions about doing this? IMHO there is nothing in > inetd that is absolutely essential when someone installs FreeBSD on a > virgin system. Let's take a few things as examples. Telnet is an > insecure protocol and has been replaced for the most part by SSH. Then > there's FTP. How many people are going to run FTP servers on their > machines by default? Now talk daemon, auth server (for ident, typically > used with IRC), and finger. Not everyone really needs these. I think it's a fairly evil idea. People expect to be able to telnet into a box right after it's installed and they're not always on an insecure LAN which makes that a security issue. Even when it is an issue, our telnet supports SRA encryption now. If you want to really solve the problem, write a new "services dialog" for sysinstall which lets you select the things you'd like to have listening for connections at boot time and edit the prototype /etc/inetd.conf accordingly. ssh could also get an entry in that list, which would probably be far easier for people to find than its current position under Startup->Networking. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2962.962038079>