Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
On Wed, Apr 18, 2001 at 12:57:41PM -0700, Erik Hollensbe wrote:
> sorry for the quick jab, but wouldn't disabling inetd from the
> start fix this problem? I can't think of any tcpd services that
> start default without it.
In principle, starting everything from inetd is better for security,
because everything is in one place. Easy to see what's running,
easy to see what's using TCP wrappers, etc.
But this has nothing to do with sshd--it uses TCP wrappers, but
doesn't start from inetd.