Date: Tue, 13 Feb 2001 15:52:12 +0200 From: Neil Blakey-Milner <nbm@mithrandr.moria.org> To: turbo23 <turbo23@gmx.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Secure Servers (SMTP, POP3, FTP) Message-ID: <20010213155212.A70601@rapier.smartspace.co.za> In-Reply-To: <5.0.2.1.2.20010213144216.00a80210@mail.gmx.net>; from turbo23@gmx.net on Tue, Feb 13, 2001 at 02:45:36PM %2B0100 References: <xzpelx2zp8h.fsf@flood.ping.uio.no> <Pine.BSF.4.10.10102132032160.51860-100000@cache.bi.itb.ac. id> <5.0.2.1.2.20010213144216.00a80210@mail.gmx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue 2001-02-13 (14:45), turbo23 wrote: > > > > Hmm, the standard FreeBSD ftpd can run as a daemon. But how do you > > control > > > > the number of active connections? With /etc/login.conf or something > > > > similar resource control (number of running processes)? > > > > > > Run ftpd from inetd like God intended and specify a maximum number of > > > concurrent instances in inetd.conf. > > > > > > >or maybe you like to run ftpd with tcp-server, from mr. djb. > >small, fast and easy to configure. > > You can also run ftpd with xinetd. It can also handle maximum number of > connections. IMHO it isn't as fast as Bernsteins tcp-server but it's more > secure than inetd. I'm not aware of any security issues in FreeBSD's inetd that involve it running an external (ie, exec) service. Care for pointers? 19 June 2000, xinetd had the following bug: Certain versions of xinetd have a bug in the access control mechanism. If you use a hostname to control access to a service (localhost instead of 127.0.0.1 ), xinetd will allow any connection from hosts that fail a reverse look-up. Perhaps you mean inetd's on other systems (like those that don't have connection limits, and those that turn services off for 10 minutes without configurability on the amount of time turned off)? Neil -- Neil Blakey-Milner nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010213155212.A70601>