Date: Tue, 14 Aug 2001 21:03:34 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Warner Losh <imp@harmony.village.org> Cc: Greg Lehey <grog@FreeBSD.org>, Alexander Langer <alex@big.endian.de>, Robert Watson <rwatson@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20010814210334.A46101@xor.obsecurity.org> In-Reply-To: <200108150336.f7F3a5W20082@harmony.village.org>; from imp@harmony.village.org on Tue, Aug 14, 2001 at 09:36:05PM -0600 References: <20010815105426.F61413@wantadilla.lemis.com> <200108020219.f722Jun16596@freefall.freebsd.org> <20010814213312.C22531@zerogravity.kawo2.rwth-aachen.d> <20010815105426.F61413@wantadilla.lemis.com> <200108150336.f7F3a5W20082@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--r5Pyd7+fXNt84Ff3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Aug 14, 2001 at 09:36:05PM -0600, Warner Losh wrote: > In message <20010815105426.F61413@wantadilla.lemis.com> Greg Lehey writes: > : On Tuesday, 14 August 2001 at 21:33:12 +0200, Alexander Langer wrote: > : > Thus spake Robert Watson (rwatson@FreeBSD.org): > : > > : >> Default to disabling all inetd.conf entries, in particular, telnetd > : >> and ftpd. This more conservative default reduces the exposure of > : > > : > Let's disable all other services as well and start advertising > : > FreeBSD with "No remote exploit in the default install since xx month= s/ > : > years", too, as the OpenBSD folks do. > :=20 > : I think that sounds funny enough in OpenBSD. We don't want to be > : accused of stealing their slogans too. >=20 > Also, there's a catch. The OpenBSD stuff does have holes in old > releases, so the above really should say "in the latest release at the > time." OpenBSD 2.8's telnetd has a root hole, for example. Which makes it an even more meaningless statistic. The definition they seem to be using of what constitutes a "remote root hole" is also subject to debate, IMO. Let's just not go down that path :-) Kris --r5Pyd7+fXNt84Ff3 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7efSVWry0BWjoQKURAnyTAJ0cET/y0z2xKGPi2pXBTJmnijZfKACghQAs A/OkqFVP5OjkrxlFCmnmP8w= =J5kB -----END PGP SIGNATURE----- --r5Pyd7+fXNt84Ff3-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010814210334.A46101>