Hi;
I'm configuring my xinetd.d files. I've done my reading and have a few
basic questions to fill in the holes in my understanding:
1. To prevent DoS attacks, it is advised one set max_load on services that
are subject to attack. What is a reasonable value to set this variable to?
2. How does one limit the size of logfiles that are created with
log_on_success or log_on_failure?
3. At the top of most of the files in xinetd.d is a line that reads:
# default: off
Is this default set in /etc/hosts.{allow|deny}? I'm confused as to how
/etc/xinetd.conf is called and what files
(other than allow|deny) filter what is sent to xinetd.conf.
3a. Assuming that the defaults are set in the above files, there is nothing
in my /etc/hosts.deny and allow has this:
in.smptd: ALL
ftpd: ALL
If I want to turn on gssftp (since I've configured kerberos :) how do I
edit /etc/hosts.allow? Or, what do I edit?
4. I have the following services configured in my xinetd.d folder:
chargen daytime echo eklogin klogin kshell rs
chargen daytime echo eklogin klogin kshell
rsync telnet time-udp
chargen-udp daytime-udp echo-udp gssftp krb5-telnet linuxconf-web sm
chargen-udp daytime-udp echo-udp gssftp krb5-telnet linuxconf-web
smtp time
(I added smtp from a script written to configure qmail with xinetd.d.)
4a. There is no telnet service available to the box (nor do I ever intend
to allow the same). Is it safe to simply delete the telnet files?
TIA,
BenO
Happy Holidays!
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
