Date: Fri, 12 May 2006 19:44:42 -0500 From: Eric Schuele <e.schuele@computer.org> To: Derek Ragona <derek@computinginnovations.com> Cc: wc_fbsd@xxiii.com, freeBSD Questions <questions@freebsd.org> Subject: Re: Pros and Cons of running under inetd.... Message-ID: <44652BFA.6000002@computer.org> In-Reply-To: <6.0.0.22.2.20060512165738.026575c0@mail.computinginnovations.com> References: <4464B95D.1040702@computer.org> <20060512171515.GC34035@catflap.slightlystrange.org> <4464CEDA.80906@computer.org> <6.0.0.22.2.20060512152402.026a60c8@mail.computinginnovations.com> <6.2.3.4.2.20060512163433.02e85298@mailsvr.xxiii.com> <6.0.0.22.2.20060512165738.026575c0@mail.computinginnovations.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Derek Ragona wrote: > Yes it is still true today. The default system now has inetd running > nothing. And the ports now install rc scripts for these reasons. > Not arguing here... everything I've found on the web says something similar. But why do we have inetd? I assume it solved a problem in the past, that no longer exists. Not to mention its spotted security history. > For network daemons, when they are running in a listen mode there is no > real overhead on the system. > > -Derek > > At 03:41 PM 5/12/2006, wc_fbsd@xxiii.com wrote: >> At 04:25 PM 5/12/2006, you wrote: >>> inetd running is discouraged. Instead run the daemons on boot using >>> rc scripts. If you look back in the history, inetd running is a >>> security risk, and was discouraged in the 5.X releases. >> >> Is that still really true? Waaayyy back when, inetd would have all >> kinds of dangerous services enabled by default (allowing DOS stuff >> like spewing "chargen" into "discard"). >> >> But that was a configuration issue, and issues with the services it >> launched; not with inetd itself. >> >> The authentication is still done within ftpd. You're just saving the >> tiny overhead of running it all the time for occasional use. And >> inetd does allow the tcpwrappers for anything it launches (obviously >> the wrappers are compiled into many other things now, ftpd included.) >> >> -Wayne >> >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org" >> >> -- >> This message has been scanned for viruses and >> dangerous content by MailScanner, and is >> believed to be clean. >> MailScanner thanks transtec Computers for their support. >> > -- Regards, Eric
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44652BFA.6000002>