From owner-freebsd-questions  Mon Aug  5 14:02:47 1996
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id OAA20188
          for questions-outgoing; Mon, 5 Aug 1996 14:02:47 -0700 (PDT)
Received: from chain.iafrica.com (root@chain.iafrica.com [196.7.74.174])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA20173
          for <questions@FreeBSD.ORG>; Mon, 5 Aug 1996 14:02:42 -0700 (PDT)
Received: from localhost (khetan@localhost [127.0.0.1]) by chain.iafrica.com (8.7.5/8.6.12) with SMTP id WAA04087; Mon, 5 Aug 1996 22:25:36 +0200 (SAT)
Date: Mon, 5 Aug 1996 22:25:36 +0200 (SAT)
From: Khetan Gajjar <khetan@iafrica.com>
To: Mike <flaq@synwork.com>
cc: questions@FreeBSD.ORG
Subject: Re: I am under attack, need to restrict network
In-Reply-To: <Pine.BSI.3.94.960804122821.1773A-100000@synwork.com>
Message-ID: <Pine.BSI.3.95.960805222326.269M-100000@chain.iafrica.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Sun, 4 Aug 1996, Mike wrote:

>Ok, got it compiled and installed.  What services should be wrapped?
>telnet, finger, ftp...what else?

I wrap ftp, telnet, rsh, login, and finger. I disallow rexec, and don't
wrap ntalkd. I find that this works quite well, except for idiots who
can't read - I block the access with a twist, displaying a message to the
effect of "go away, you're not allowed" ;-)

---
Khetan Gajjar	       [ http://www.iafrica.com/~khetan  ]
UUNet Internet Africa  [ 0800-030-002 & help@iafrica.com ]
Get rid of Telkom....  [      http://www.ispa.org.za     ]
I'm a FreeBSD User!    [      http://www.freebsd.org     ]
Any opinions stated in this message are personal.
UIA's official policy may not be reflected in this message.