From owner-freebsd-questions  Wed Feb  4 15:58:07 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id PAA13230
          for questions-outgoing; Wed, 4 Feb 1998 15:58:07 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from sinfonix.rz.tu-clausthal.de (tvon3S5yVGbmT44bJr2QiyotSEBvuRtd@sinfonix.rz.tu-clausthal.de [139.174.253.19])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA13170
          for <freebsd-questions@freebsd.org>; Wed, 4 Feb 1998 15:57:45 -0800 (PST)
          (envelope-from inrk@rz.tu-clausthal.de)
Received: (from inrk@localhost) 
	by sinfonix.rz.tu-clausthal.de (8.8.8/8.8.8)
	id AAA04696;
	Thu, 5 Feb 1998 00:57:33 +0100 (MET)
Date: Thu, 5 Feb 1998 00:57:33 +0100 (MET)
From: Ronald Kuehn <kuehn@rz.tu-clausthal.de>
Message-Id: <199802042357.AAA04696@sinfonix.rz.tu-clausthal.de>
To: jal@42is.com
Subject: Re: minimalist /etc/services and /etc/inetd.conf Re: Security
Cc: freebsd-questions@FreeBSD.ORG
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG
X-To-Unsubscribe: mail to majordomo@FreeBSD.org "unsubscribe questions"

> From: Jamie Lawrence <jal@42is.com>
> 
> At 11:43 PM 2/4/98 +0100, you wrote:
> >In list.freebsd-questions you write:
> 
> >> "Don't play with /etc/services" seems like pretty general advice
> >> not applicable in all (or perhaps even most) situations.
> >
> >Again, "don't play with /etc/services". It's for mappings between
> >port numbers and service names only. It has nothing do to with services
> >you currently run. That's the job of inetd (/etc/inetd.conf) and
> >/etc/rc.* (for running standalone services).
> >Removing lines from /etc/services buys you nothing but trouble.
> 
> I'm well aware of the function of /etc/services, and I disagree. 
> 
> Should that be what one wants to do, then that would be the proper
> course of action.
> 
> A machine running little other than an httpd and sshd has no need to
> know that port 4045 maps to lockd. And so on.

That does not give you any more security.

-- 
Ronald Kuehn, TUC Rechenzentrum,  Erzstrasse 51,  D-38678 Clausthal-Zellerfeld
<kuehn@rz.tu-clausthal.de> http://www.tu-clausthal.de/~inrk/  +49-5323-72-3896
PGP key available via <pgp-public-keys@keys.pgp.net> or from my  WWW home page
******************************* HIP never ends *******************************