Date: Wed, 15 Aug 2001 13:48:52 +0200 From: Alexander Langer <alex@big.endian.de> To: Robert Watson <rwatson@FreeBSD.org> Cc: security@FreeBSD.org Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20010815134852.B16184@zerogravity.kawo2.rwth-aachen.d> In-Reply-To: <Pine.NEB.3.96L.1010814194754.72605A-100000@fledge.watson.org>; from rwatson@FreeBSD.org on Tue, Aug 14, 2001 at 07:50:56PM -0400 References: <20010814213312.C22531@zerogravity.kawo2.rwth-aachen.d> <Pine.NEB.3.96L.1010814194754.72605A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Thus spake Robert Watson (rwatson@FreeBSD.org): > processing out of cron, not bind sockets, etc. I don't know much about > that, from an operational perspective, and would be interested in hearing > more about the considerations here. For example, I do know that a number > of system functions generate e-mail (scheduled events, vi recovery, etc) > and that needs to be handled properly. We can disable binding to port 25 and local mail delivery will still work. I also like disabling all other network services by default. One of OpenBSD's argument is, that you then know what services you've had enabled, and you then know, what to take care about. If you missed a SA about some service you haven't enabled either, who cares? Alex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010815134852.B16184>