Mailinglist Archive: opensuse-security (174 mails)

[Eilert Brinkmann <eilert@xxxxxxxxxxxxxxxxxxxxxxxx>]

"Aaron K. Poffenberger" <I_hate_spam.akp@xxxxxxxxxxxxx> wrote:
>   On a related note (security), two questions:  1) Do I need to have the 
> ident daemon on port 113 running?  That port is currently open on the 
> external interface on my firewall.

No. None of the usual services depends on the ident daemon.

>  And 2) from within inetd.conf, can I 
> set which interface(s) I want a particular service to bind to, or is it a 
> service-by-service config (as I've found with many, e.g., afpd)?

AFAIK inetd always binds to all interfaces. Perhaps it's possible to
use a wrapper which checks on which interface a connection is coming
in -- never tried this. Service-by-service configs will only work for
servers running in daemon mode. For inetd-controlled services inetd
binds to the ports/interfaces, and inetd doesn't know about any
service-specific configuration.

Eilert
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       Eilert Brinkmann -- Universitaet Bremen -- FB 3, Informatik
eilert@xxxxxxxxxxxxxxxxxxxxxxxx - eilert@xxxxxxx - eilert@xxxxxxxxxxxxxx
              http://www.informatik.uni-bremen.de/~eilert/