Date: Thu, 23 Mar 2000 15:29:54 -0400 From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> To: Warner Losh <imp@village.org> Cc: FreeBSD Audit List <freebsd-audit@FreeBSD.ORG> Subject: Re: Portmapper enabled, IPv6 circumvents FW Message-ID: <38DA70B2.96AF6B6D@vangelderen.org> References: <38DA6D77.FB93FC36@vangelderen.org> <200003231923.MAA42847@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Warner Losh wrote: > > In message <38DA6D77.FB93FC36@vangelderen.org> "Jeroen C. van Gelderen" writes: > : I'd suggest disabling the portmapper in a default installation > : unless there is a good reason not to. > > Sadly too many people want NFS :-(. It is a big pita to run nfs w/o > portmapper. But why not enable portmapper contingent on NFS being enabled? Not possible? > : Another solution is to add a comment to /etc/inetd.conf because > : that's what people usually edit on new systems (because FreeBSD > : *still* runs ftpd and telnetd by default). > > Agreed. > > : Opinions? > > I've been sent patches that make *ALL* network services off by > default. I'm thinking seriously about committing them to at least > -current and maybe to -stable also. These patches also hack > sysinstall to enable them in /etc/rc.conf so as to not effectively > change our system defaults. Interesting, would this include disabling sendmail by default? (Please say yes.) Cheers, Jeroen -- Jeroen C. van Gelderen - jeroen@vangelderen.org Kick-ass crypto for you: http://www.cryptix.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38DA70B2.96AF6B6D>