Re: Listening Ports
On Mon, 10 Sep 2001, Alexander Reelsen wrote:
> inetd also has this feature (not very well documented).
> use service@ip in inetd.conf in order to use that feature.
> xinetd is nicer, anyway :-)
> First binding then firewalling is a bad idea, someone might be able to
> access that service via spoofing or other dirty tricks...
I do not know very much in this area, but I was of the impression, that
firewalling might be more secure than giving ip, as you can only specify
the ip, and not the network-interface the connection comes from.
But of corse, ipchains stoping the one side side and inetd/xinet only
allowing the other gives more than only on of them.
Bernhard R. Link