Date: Tue, 23 Jan 1996 16:08:06 +0800 (SGT) From: James Seng <jseng@stf.org.sg> To: Mark Murray <mark@grondar.za> Cc: Nathan Lawson <nlawson@statler.csc.calpoly.edu>, security@FreeBSD.ORG Subject: Re: Ownership of files/tcp_wrappers port Message-ID: <Pine.BSD/.3.91.960123160024.15934B-100000@fire.stf.org.sg> In-Reply-To: <199601230627.IAA25371@grumble.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 23 Jan 1996, Mark Murray wrote: > I think this is a damn fine idea. Seconded. Any ISP who does not have > wrappers, and any user who does not consider their use when connecting > to the 'net has a serious problem. Pardon me, but i think otherwise. tcp_wrapper is a fine product. libwrap.a is good to use and could possibly go into the /usr/src/lib path. But tcp_wrapper as itself shouldnt come by default. There are a few reasons, mainly, there are a few ways which tcp_wrapper could be compile (-DPARANOID -DRFC931 etc) which all could affect the behavior of the system and performance. Some site which doesnt run identd might find it worthwhile to turn off reverse auth. Some site which runs machine behind firewall may not be even interested in tcpd. Just remember that it is a good security tools doesnt means everyone would be interested to use it, for some reasons. And there are too many varities of tcpd and i believe each site should customise tcpd to their need. Just some food for thoughts. -James Seng (jseng@stf.org.sg)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSD/.3.91.960123160024.15934B-100000>