Re: not using debian as firewall!
On Tue, Apr 13, 1999 at 04:07:12PM -0400, Jonathan P Tomer wrote:
> > Err -- any reason you can't disable these services on Debian too?
> > Not running inetd would kill most of them.
>
> you can disable them, but not running inetd is a bad idea since that
> provides more basic services as well (notably, i think it does ping). better
> to just remove all the lines in inetd.conf for non-internal services.
Eh? Ping's are ICMP packets, which operate beneath the tcp layer.
>From RFC 791:
+------+ +-----+ +-----+ +-----+
|Telnet| | FTP | | TFTP| ... | ... |
+------+ +-----+ +-----+ +-----+
| | | |
+-----+ +-----+ +-----+
| TCP | | UDP | ... | ... |
+-----+ +-----+ +-----+
| | |
+--------------------------+----+
| Internet Protocol & ICMP |
+--------------------------+----+
|
+---------------------------+
| Local Network Protocol |
+---------------------------+
Hope that comes across ok in your mail.
For more information, go buy all the Stevens books (they're worth it)
from a bookstore.
Ciao,
--
David N. Welton | Fortune rota volvitur - descendo minoratus
davidw@prosa.it | alter in altum tollitur - nimis exaltatus
http://www.efn.org/~davidw | rex sedet in vertice - caveat ruinam!
www.debian.org - www.prosa.it | nam sub axe legimus - Hecubam reginam
Reply to: