On Sat, Aug 21, 1999 at 10:01:58PM +0200, Marco d'Itri wrote: > On Aug 21, Miquel van Smoorenburg <miquels@cistron.nl> wrote: > >I think a lot of administrators would be pleased as well if most if > >not all services were turned off by default. I would - the first > >thing I do when I install a Debian box is to edit /etc/inetd.conf > >and /etc/hosts.allow > I think we should ship with something like that in hosts.deny: > ALL EXCEPT identd: ALL EXCEPT localhost So on a standard install "debian$ lynx http://localhost/~user/foo", but "debian$ lynx http://debian/~user/foo" doesn't. That doesn't strike me as an entirely wonderful default. I could happily see /etc/inetd.conf defaulting most services to off, but I'm not so convinced about trying to choose appropriate people to allow/deny access to, that seems to much of a local configuration issue to me. Cheers, aj -- Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/> I don't speak for anyone save myself. PGP encrypted mail preferred. ``The thing is: trying to be too generic is EVIL. It's stupid, it results in slower code, and it results in more bugs.'' -- Linus Torvalds
Attachment:
pgpKbOsVNtrcO.pgp
Description: PGP signature