On 12 May Eric Schuele wrote:
Derek Ragona wrote:
Yes it is still true today. The default system now has inetd running
nothing. And the ports now install rc scripts for these reasons.
Not arguing here... everything I've found on the web says something
similar.
But why do we have inetd?
There are two ways to run these at boot. The more standard way is to
create an rc script in /usr/local/etc/rc.d
Whatever scripts you create must have .sh extension to run at boot.
For instance you would create ftp-proxy.sh in that directory with the
single line to execute the ftp-proxy with
I did not give any more information about the security hole as I don't
recall the exact exploit. However from my bad memory it was something that
inet can inadvertently run an application which can easily get root
privileges. Inet itself runs as root. If you want the real details, as I
Hello,
I run sshd and ftpd on my laptop. I generally start them via:
sshd_enable=YES
ftpd_enable=YES
in my rc.conf.
What are the pros/cons of running them via inetd?
This is in no way a high load or production machine. Just my laptop
that I need access to from time to time.
The one pro
On Fri, May 12, 2006 at 11:35:41AM -0500, Eric Schuele wrote:
Hello,
I run sshd and ftpd on my laptop. I generally start them via:
sshd_enable=YES
ftpd_enable=YES
in my rc.conf.
What are the pros/cons of running them via inetd?
This is in no way a high load or production machine.
Daniel Bye wrote:
On Fri, May 12, 2006 at 11:35:41AM -0500, Eric Schuele wrote:
Hello,
I run sshd and ftpd on my laptop. I generally start them via:
sshd_enable=YES
ftpd_enable=YES
in my rc.conf.
What are the pros/cons of running them via inetd?
This is in no way a high load or
inetd running is discouraged. Instead run the daemons on boot using rc
scripts. If you look back in the history, inetd running is a security
risk, and was discouraged in the 5.X releases.
-Derek
At 01:07 PM 5/12/2006, Eric Schuele wrote:
Daniel Bye wrote:
On Fri, May 12, 2006 at
On Fri, May 12, 2006 at 01:07:22PM -0500, Eric Schuele wrote:
Although I am curious about ftpd and tcpwrappers I am also
interested in whether or not running these daemons under inetd is
preferred or not. If so why? If not, why?
Certainly for anything that has a reasonably expensive
At 04:25 PM 5/12/2006, you wrote:
inetd running is discouraged. Instead run the daemons on boot using
rc scripts. If you look back in the history, inetd running is a
security risk, and was discouraged in the 5.X releases.
Is that still really true? Waaayyy back when, inetd would have all
Yes it is still true today. The default system now has inetd running
nothing. And the ports now install rc scripts for these reasons.
For network daemons, when they are running in a listen mode there is no
real overhead on the system.
-Derek
At 03:41 PM 5/12/2006, [EMAIL
[EMAIL PROTECTED] wrote:
At 04:25 PM 5/12/2006, you wrote:
inetd running is discouraged. Instead run the daemons on boot using
rc scripts. If you look back in the history, inetd running is a
security risk, and was discouraged in the 5.X releases.
Is that still really true? Waaayyy back
Derek Ragona wrote:
Yes it is still true today. The default system now has inetd running
nothing. And the ports now install rc scripts for these reasons.
Not arguing here... everything I've found on the web says something similar.
But why do we have inetd? I assume it solved a problem in
Daniel Bye wrote:
On Fri, May 12, 2006 at 01:07:22PM -0500, Eric Schuele wrote:
Although I am curious about ftpd and tcpwrappers I am also
interested in whether or not running these daemons under inetd is
preferred or not. If so why? If not, why?
Certainly for anything that has a
Simply reinstall what ever ported apps you are using and look for a sample
startup script in /usr/local/etc/rc.d, or look in /etc/defaults/rc.conf for
the settings to override in /etc/rc.conf to run any standard system
services at boot.
You can search the old security lists or look in SANS
Inetd still is there as a legacy part of UNIX. This was the old way of
starting services on demand in the old days BEFORE wans, the internet,
etc. Remember UNIX started as networked on LANS, with LANS interconnected
using UUCP. Ah those good old days before SPAM, www, and viruses.
As more
At 08:42 PM 5/12/2006, Eric Schuele wrote:
You say tcpwrappers are compiled into ftpd? Are you sure? How can
I enable or otherwise use them? If I add things to hosts.allow
they seem to have no influence. This would solve my problem as I
would not need inetd.
My Bad. It seems it does
16 matches
Mail list logo