From owner-freebsd-security  Tue Feb 13 07:07:15 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id HAA15939
          for security-outgoing; Tue, 13 Feb 1996 07:07:15 -0800 (PST)
Received: from gw0.telebase.com (root@gw0.telebase.com [192.132.57.100])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id HAA15933
          for <freebsd-security@FreeBSD.ORG>; Tue, 13 Feb 1996 07:07:12 -0800 (PST)
Received: from wormhole.telebase.com  by gw0.telebase.com id KAA28744; Tue, 13 Feb 1996 10:06:14 -0500 (EST)
Received: from odo.telebase.com (root@odo.telebase.com [172.16.2.217]) by wormhole.telebase.com (8.7.1/8.6.9.1) with ESMTP id KAA11399; Tue, 13 Feb 1996 10:06:13 -0500 (EST)
Received: (from bmc@localhost) by odo.telebase.com (8.6.12/8.6.9.1) id KAA03226; Tue, 13 Feb 1996 10:06:11 -0500
Date: Tue, 13 Feb 1996 10:06:11 -0500
Message-Id: <199602131506.KAA03226@telebase.com.>
From: Brian Clapper <bmc@telebase.com>
To: Mark Murray <mark@grondar.za>
Cc: Jim Dennis <jimd@mistery.mcafee.com>, freebsd-security@FreeBSD.ORG,
        Chuck Murcko <chuck@telebase.com>
Subject: Re: tripwire, xinetd (or tcp wrappers)
In-Reply-To: <127245926@toto.iv>
Sender: owner-security@FreeBSD.ORG
Precedence: bulk

>>>>> "Mark" == Mark Murray <mark@grondar.za> writes:

Mark> Jim Dennis wrote:
>>
>> Where can I find tripwire?  How about xinetd?

Mark> Neither have been ported to FreeBSD. Tripwire is available from cert
Mark> (ftp.cert.org) and xinetd is a bunch sharfiles + later patches
Mark> available from ftp.uu.net and mirrors in (something like)
Mark> usenet/comp.sources.unix/volume??/xinetd/part* and
Mark> usenet/comp.sources.unix/volume??/xinetd/patch*
Mark> I seem to remember that there are a couple of patches in different
Mark> volumes spread over a bit of time.

`xinetd' *has* been ported to FreeBSD, by Chuck Murcko (chuck@telebase.com).
Check out ftp://ftp.telebase.com/pub/security/xinetd.2.1.7-freebsd.4.tar.gz

I'm using it on a FreeBSD box, as is Chuck.  We use it here on a variety of
platforms to which it was not originally ported by its author, Panos
Tsirigotis.

>> Is xinetd faster (suffering from less process start latency)
>> than tcpd?

Mark> Fractionally. Probably not even so you'd notice.

IMO, xinetd's somewhat simpler to use than the inetd/tcp-wrappers
combination.
----
Brian Clapper .............................................. bmc@telebase.com
http://www.netaxs.com/~bmc/ ............. PGP public key available on request
But soft you, the fair Ophelia:
Ope not thy ponderous and marble jaws,
But get thee to a nunnery -- go!
        -- Mark "The Bard" Twain