> Your system probably shouldn't have inetd/xinetd running; I don't even > install them. There is no reason to. There are some good things that > xinetd can do for a service like pop3, such as connection limiting. Use > it only if you need it.
I have 3 layers of resistance; at the outer there is iptables. In the middle there is xinetd. I like xinetd because it understands the protocol; if nothing else, it logs the break-in attempts nicely. in previous RH versions for example, telnet prompts for user/pass but rejects IP's not allowed; Its quite interesting to see the logs attempt showing the actual user/passwd the person is typing (this is related somehow to PAM but i never took the time to understand that). The 3rd layer is the application's protection itself--for example squid's ACL's are nice. > > Michael -- JondZ <[EMAIL PROTECTED]> -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
