why is xinetd not installed by default in FC6?
Paul Johnson
pauljohn32 at gmail.com
Wed Nov 22 02:59:18 UTC 2006
One security tip I got years ago was to turn off all access by setting
the file /etc/hosts.deny like this:
ALL:ALL
And then in /etc/hosts.allow, I allow in only specific services and
specific ip address ranges that I want to allow. For example, I
usually allow only ssh connections from a few specific places:
ALL: 127.0.0.1
sshd: 24.124.
sshd: 129.237.
sshfwd-X11: 24.124.
sshfwd-X11: 129.237.
This has served me well to keep out other users and protect myself
from starting services that I don't want.
Now in FC6 I notice that xinetd is not installed and so these host
files have no effect. of course, I can install xinetd, but I'm
suspecting that the FC6 designers want me to do something else in
order to control access. How does one achieve the same effect without
using xinetd?
--
Paul E. Johnson
Professor, Political Science
1541 Lilac Lane, Room 504
University of Kansas
More information about the users
mailing list