Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default

To: debian-devel@lists.debian.org
Subject: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
From: Adam McKenna <adam@debian.org>
Date: Wed, 18 Apr 2001 14:48:47 -0700
Message-id: <[🔎] 20010418144847.W12115@flounder.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] Pine.LNX.4.30.0104182302110.13998-100000@tangramayne.pandemonium.de>; from nils@pandemonium.de on Wed, Apr 18, 2001 at 11:03:31PM +0200
References: <[🔎] 20010418163728.C13362@pimlott.ne.mediaone.net> <[🔎] Pine.LNX.4.30.0104182302110.13998-100000@tangramayne.pandemonium.de>

On Wed, Apr 18, 2001 at 11:03:31PM +0200, Nils Jeppe wrote:
> You use rsh on such sites?! Telnet? Then removing all: paranoid is really
> not going to aversely affect your security ;)

tcpd was originally designed to "protect" (heh) people using .rhosts files 
and rlogin/rsh to allow remote logins without a password.  If you are doing 
this, then hostname-based security is desirable (despite the fact that it's 
not actually achievable, due to security problems with DNS).

Paranoid checks really don't gain you anything today, and what little extra
security they provide is far outweighed by the problems they cause.

--Adam

-- 
Adam McKenna  <adam@debian.org>  <adam@flounder.net>

Reply to:

References:
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: andrew@pimlott.ne.mediaone.net (Andrew Pimlott)
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Nils Jeppe <nils@pandemonium.de>

Prev by Date: Re: configuring xf4, was Re: Can't configure 3rd button on mouse
Next by Date: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Previous by thread: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Next by thread: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Index(es):
- Date
- Thread