Derek Ragona wrote:
Yes it is still true today. The default system now has inetd running nothing. And the ports now install rc scripts for these reasons.


Not arguing here... everything I've found on the web says something similar.

But why do we have inetd? I assume it solved a problem in the past, that no longer exists. Not to mention its spotted security history.

For network daemons, when they are running in a listen mode there is no real overhead on the system.

        -Derek

At 03:41 PM 5/12/2006, [EMAIL PROTECTED] wrote:
At 04:25 PM 5/12/2006, you wrote:
inetd running is discouraged. Instead run the daemons on boot using rc scripts. If you look back in the history, inetd running is a security risk, and was discouraged in the 5.X releases.

Is that still really true? Waaayyy back when, inetd would have all kinds of dangerous services enabled by default (allowing DOS stuff like spewing "chargen" into "discard").

But that was a configuration issue, and issues with the services it launched; not with inetd itself.

The authentication is still done within ftpd. You're just saving the tiny overhead of running it all the time for occasional use. And inetd does allow the tcpwrappers for anything it launches (obviously the wrappers are compiled into many other things now, ftpd included.)

  -Wayne

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.




--
Regards,
Eric
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to