From owner-freebsd-security  Thu Dec 24 04:35:44 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id EAA26052
          for freebsd-security-outgoing; Thu, 24 Dec 1998 04:35:44 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from shell2.la.best.com (shell2.la.best.com [209.24.216.141])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA26046
          for <freebsd-security@FreeBSD.ORG>; Thu, 24 Dec 1998 04:35:43 -0800 (PST)
          (envelope-from nugundam@shell2.la.best.com)
Received: (from nugundam@localhost)
	by shell2.la.best.com (8.9.1/8.9.0/best.sh) id EAA23693
	for freebsd-security@FreeBSD.ORG; Thu, 24 Dec 1998 04:34:52 -0800 (PST)
Message-ID: <19981224043452.A23609@la.best.com>
Date: Thu, 24 Dec 1998 04:34:52 -0800
From: "Joseph T. Lee" <nugundam@la.best.com>
To: freebsd-security@FreeBSD.ORG
Subject: Re: Do I really need inetd?
References: <Pine.BSF.3.96.981224000443.29305A-100000@phoenix.aye.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.93.2i
In-Reply-To: <Pine.BSF.3.96.981224000443.29305A-100000@phoenix.aye.net>; from Barrett Richardson on Thu, Dec 24, 1998 at 12:13:09AM -0500
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, Dec 24, 1998 at 12:13:09AM -0500, Barrett Richardson wrote:
> I have all my necessary network services running as daemons. In the
> face of recent discoveries of problems caused for inetd by nmap
> and various things I've come to the conclusion that I really don't
> need inetd -- another variable I can eliminated from the mix.

inetd centralizes the daemon management, besides providing some
protection such as sandboxing said daemons instead of letting them all
run as root as needed.

In relation to the nmap thing, you can limit the number of daemon
children/max connections per minute per IP through, to discourage DoS
attacks.

-- 
Joseph nugundam =best=com==/==\=IIGS=/==\=Playstation=/==\=Civic HX CVT=/==\
#        Anime Expo 1998        >> www.anime-expo.org/                      >
#         Redline Games         >> www.redlinegames.com/                    >
#      Cal-Animage Epsilon      >> www.best.com/~nugundam/epsilon/          >
# EX: The Online World of Anime & Manga >> www.ex.org/                     /

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message