Fwd: Re: [Courses] [Security] The useful netstat
Laura Bowser
lbowser at andrew.cmu.edu
Wed Mar 6 20:32:12 EST 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>Is there a good reason to keep inetd / xinetd running?
>Let's say I'm running a web server...should I shut
>xinetd down? This seems like a big security risk to
>me.
One good reason to keep xinetd/inetd running is to use TCP wrappers. you'll
probably see a line something like:
#telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
in your inetd.conf file.
the /usr/sbin/tcpd is the TCP wrappers program which uses the hosts.allow and
hosts.deny file that allows you better control over who can and who can't
access that service on your server.
most standalone daemons don't have that capability.
Laura
- --
Public Key available at
http://callista.dyndns.org/~elwing/lbowser.gpg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8hnXvDxAypHN+smoRAtekAKCb7galGQFwXJbS86w0UKFr3xF70ACeLRYo
UzwD2horTdQI++p1fRko/DA=
=Y2Bf
-----END PGP SIGNATURE-----
-------------------------------------------------------
--
Public Key available at
http://callista.dyndns.org/~elwing/lbowser.gpg
More information about the Courses
mailing list