On Mon, Sep 15, 2003 at 05:54:18PM -0400, JondZ wrote:
> 
> > Your system probably shouldn't have inetd/xinetd running; I don't even
> > install them.  There is no reason to.  There are some good things that
> > xinetd can do for a service like pop3, such as connection limiting.  Use
> > it only if you need it.
> 
> I have 3 layers of resistance; at the outer there is iptables.  In the
> middle there is xinetd.  I like xinetd because it understands the
> protocol; if nothing else, it logs the break-in attempts nicely.
> In previous RH versions, for example, telnet prompts for user/pass
> but rejects IPs not allowed; it's quite interesting to see the logs
> attempt showing the actual user/passwd the person is typing (this
> is related somehow to PAM but I never took the time to understand
> that).  The 3rd layer is the application's protection itself--for
> example squid's ACLs are nice.

I'm not going to try to change your mind, since you obviously don't
understand what everybody else is saying.  I would suggest simply that
you look at the posts here, and consider that it's highly unlikely that
you know something that everybody else doesn't know.

After that sinks in, go hire someone to secure your setup.  If you don't
understand what's wrong with using insecure protocols, particularly
after it's been explained in great detail multiple times, God Himself
only knows what else you're doing...

Michael
-- 
Michael Darrin Chaney
[EMAIL PROTECTED]
http://www.michaelchaney.com/
--
Philippine Linux Users' Group (PLUG) Mailing List
[EMAIL PROTECTED] (#PLUG @ irc.free.net.ph)
Official Website: http://plug.linux.org.ph
Searchable Archives: http://marc.free.net.ph
.
To leave, go to http://lists.q-linux.com/mailman/listinfo/plug
.
Are you a Linux newbie? To join the newbie list, go to
http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
