Peter Cordes wrote: > This isn't specific to identd, but I'm wondering why you would bother > filtering the port instead of just not running identd? (I assume you would > have/do turn off identd in /etc/inetd.conf as well as using doing port > filtering.) I've never really understood why people filter all kinds of > ports on their own machine when the ports are closed anyway.
While inetd + tcp_wrappers is sufficient for something like identd, it offers no protection for things that aren't launched from inetd -- a category that the vast majority of debian daemons falls under (apache, lpd, X, etc). -- Brian Kimball
