Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default

To: debian-devel@lists.debian.org
Subject: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
From: Rahul Jain <rahul@rice.edu>
Date: Wed, 18 Apr 2001 21:54:53 -0500
Message-id: <[🔎] 20010418215453.A1598@photino.sid.rice.edu>
Reply-to: Rahul Jain <rahul@rice.edu>
In-reply-to: <[🔎] 20010419040314.H5361@omega.resa.es>; from piotr@omega.resa.es on Thu, Apr 19, 2001 at 04:03:14AM +0200
References: <[🔎] 20010418171100.B8620@omega.resa.es> <[🔎] 20010418172549.A17770@lin-gen.com> <[🔎] 20010418152310.A13362@pimlott.ne.mediaone.net> <[🔎] 20010418221722.A23225@lin-gen.com> <[🔎] 20010418163728.C13362@pimlott.ne.mediaone.net> <[🔎] 20010419023915.A16420@lin-gen.com> <[🔎] 20010419040314.H5361@omega.resa.es>

On Thu, Apr 19, 2001 at 04:03:14AM +0200, PiotR wrote:
> IMHO that exceeds our objetives and those of the debian developers. I think
> is not debian's objetive to enforce a well structurated internet, which is
> not. It's by far more important that our operating system doesn't act weirdly
> when it shouldn't. Not to mention givin unecesary headaches to netadmins. And
> denying network services, wich might be crucial.

An admin should know how to admin his server. If he doesn't, he should _learn_
how to before opening up his system. I support ALL:ALL in hosts.deny, possibly
with a debconf (or some other) mechanism to open up access from some networks.
The people who don't know how to secure their system shouldn't be forced to
learn how before they install debian.

> Let's think in usability
> first: I don't like my servers denying conexions to clients ( wich could keep
> my company from making money or giving service to customers ). Is that
> supposed exquisite-security-enhacement worth denying a lot of conexions, with
> the consequences that this might have?   

Yes, since the admin knows how to stop the machine from denying those
connections.

-- 
-> -/-                       - Rahul Jain -                       -\- <-
-> -\- http://linux.rice.edu/~rahul -=- mailto:rahul-jain@usa.net -/- <-
-> -/- "I never could get the hang of Thursdays." - HHGTTG by DNA -\- <-
|--|--------|--------------|----|-------------|------|---------|-----|-|
   Version 11.423.999.220020101.23.50110101.042
   (c)1996-2000, All rights reserved. Disclaimer available upon request.

Reply to:

Follow-Ups:
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: PiotR <piotr@omega.resa.es>

References:
- ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: PiotR <piotr@omega.resa.es>
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Robert van der Meulen <rvdm@cistron.nl>
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: andrew@pimlott.ne.mediaone.net (Andrew Pimlott)
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Robert van der Meulen <rvdm@cistron.nl>
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: andrew@pimlott.ne.mediaone.net (Andrew Pimlott)
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Robert van der Meulen <rvdm@cistron.nl>
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: PiotR <piotr@omega.resa.es>

Prev by Date: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Next by Date: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Previous by thread: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Next by thread: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Index(es):
- Date
- Thread