On Wed, Jan 03, 2001 at 07:50:58PM +0100, Christian Kurz wrote: > > > apt-get remove telnetd > > Well, why do we have telnet enabled after installation? This is a bit > security hole and I think this service should be disabled and only be > enabled by the admin. because telnetd is priority standard, and with dselect (and tasksel in woody i think) all priority standard packages are installed by default. (well selected by default in your first dselect session, so if you do nothing more then run the select step in dselect and then install you get priority: standard). $ apt-cache show telnetd Package: telnetd Priority: standard Section: net nfsd and nfs-common are also standard, but nfs-kernel-server's initscript won't start the daemons if /etc/exports contains no exports. nfs-common and portmap are started by default though. (and statd had a nice root hole recently) > Hm, there are services in /etc/inetd.conf that are not belonging to any > package like daytime, echo and this should be disabled by default. agreed these should be off by default. what are these used for that makes it necessary for the majority of systems to have them enabled? -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgp1vuu6NLMqb.pgp
Description: PGP signature