Steve -- I am no Linux expert, but I do know that inetd/xinetd are the de facto standard way of making services available under various UNIX/Linux operating systems. While absolute security does not exist in this universe, the fact that they are the de facto standard means that much of the infrastructure of the Internet is built on them. Just like a medieval fortress is built with layers of defenses, [x]inetd is just part of your toolkit for securing your computer. Other tools that you can use include TCP wrappers, chroot jails, etc.
Before going into production, for any sort of system that must be secure, I suggest a security audit to ensure that the security implementation is in line with the needs of that which is being secured. -- Bhaskar On Fri, 2005-07-29 at 14:07 -0500, Stephen K. Miyasato wrote: > I know very little about using [x]intetd in Linux and I thought I > would ask > the Linux specialist(s) here if that may be a security risk or if > there are > any downside to using this process. > > Thanks very much for you input. > > Stephen K. Miyasato > Pacific Telehealth and Technology Hui > > > ----- Original Message ----- > From: "K.S. Bhaskar" <[EMAIL PROTECTED]> > To: <hardhats-members@lists.sourceforge.net> > Sent: Friday, July 29, 2005 7:58 AM > Subject: Re: [Hardhats-members] Short cut for connection Windows GUI > < > >OpenVista Server > > > > On Fri, 2005-07-29 at 12:31 -0500, Nancy Anthracite wrote: > >> There were instructions posted, but I would encourage you to wait > on > >> trying to > >> implement that as I have been working with this system, we are > testing > >> it out > >> using different machines and finding some tweaking is desireable. > As > >> soon as > >> I can, I will post some instructions that will walk you through > it. > >> However, > >> even if you do that, it has a port specified in advance. > >> > > I'll wait! > > > > I understand that the port is specified in advance, but unlike the > "pool > > of servers" approach, deploying a service under [x]inetd means that > you > > can have as many servers as needed by the clients that actually > connect. > > You advertise one port, say, 9200, as the port for CPRS GUI clients > to > > connect to, and [x]inetd just fires up a new process for each > client. > > Furthermore, the server processes simply terminate when clients > > disconnect, so shutting down becomes simpler. > > > > -- Bhaskar > > > > > > > > ------------------------------------------------------- > > SF.Net email is sponsored by: Discover Easy Linux Migration > Strategies > > from IBM. Find simple to follow Roadmaps, straightforward articles, > > informative Webcasts and more! Get everything you need to get up to > > speed, fast. > http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click > > _______________________________________________ > > Hardhats-members mailing list > > Hardhats-members@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/hardhats-members > > > > > > ------------------------------------------------------- > SF.Net email is sponsored by: Discover Easy Linux Migration > Strategies > from IBM. Find simple to follow Roadmaps, straightforward articles, > informative Webcasts and more! Get everything you need to get up to > speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click > _______________________________________________ > Hardhats-members mailing list > Hardhats-members@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/hardhats-members > ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ Hardhats-members mailing list Hardhats-members@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/hardhats-members
