On Sat, Aug 21, 1999 at 10:01:58PM +0200, Marco d'Itri wrote:
> On Aug 21, Miquel van Smoorenburg <miquels@cistron.nl> wrote:
> >I think a lot of administrators would be pleased as well if most if
> >not all services were turned off by default. I would - the first
> >thing I do when I install a Debian box is to edit /etc/inetd.conf
> >and /etc/hosts.allow
> I think we should ship with something like that in hosts.deny:
> ALL EXCEPT identd: ALL EXCEPT localhost
So on a standard install "debian$ lynx http://localhost/~user/foo";,
but "debian$ lynx http://debian/~user/foo"; doesn't.
That doesn't strike me as an entirely wonderful default.
I could happily see /etc/inetd.conf defaulting most services to off,
but I'm not so convinced about trying to choose appropriate people to
allow/deny access to, that seems to much of a local configuration issue
to me.
Cheers,
aj
--
Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. PGP encrypted mail preferred.
``The thing is: trying to be too generic is EVIL. It's stupid, it
results in slower code, and it results in more bugs.''
-- Linus Torvalds
Attachment:
pgpKbOsVNtrcO.pgp
Description: PGP signature