summaryrefslogtreecommitdiffstats
path: root/etc/inetd.conf
Commit message (Collapse)AuthorAgeFilesLines
* Integrate the IPv6 entries with the rest of them to avoid things gettingpeter2001-03-301-32/+18
| | | | | | out of sync. A similar change was made by itojun on the OpenBSD tree a few weeks ago. This should stop people disabling one server and forgetting the other one (eg: ftp and/or telnet)
* Disable rsh and rlogin by default. ssh and telnet are still available forkris2000-10-041-4/+4
| | | | remote access on default installations.
* Turn fingerd OFF by default. Comparative essentials like telnetdjkh2000-10-031-2/+2
| | | | | | are bad enough, but finger is hardly a critical system service and it's traditionally been vulnerable to a variety of attacks; anybody remember RTFM and his worm?
* Fix a misspelling in the comments for tha IPv6 auth service and change themjhb2000-03-251-2/+2
| | | | to more closely resembles those in the IPv4 sction.
* Fix a typo. (s/eExample/Example/)shin2000-03-051-1/+1
| | | | Submitted by: Robert Muir <rmuir@looksharp.net>
* Add IPv6 services into inetd.conf.shin2000-02-271-0/+31
| | | | | | | | Also enable some standard IPv6 apps by default. These entries will be simply ignored on systems with no INET6 defined. Approved by: jkh Suggested by: peter
* Include a note below the example qmail entry that mentions that inetd isdbaker2000-01-101-1/+4
| | | | | no longer the correct way to have qmail handle incoming qmail smtp connections. Also provide a url to the correct method.
* Update the cvs pserver example so that it gives some more obvious cluespeter1999-12-261-3/+5
| | | | | | about the --allow-root switch. PR: 14463
* $Id$ -> $FreeBSD$peter1999-08-271-1/+1
|
* Add -n to the example and explanation of the internal auth service.green1999-07-241-3/+4
|
* Document the -o and -t options to the internal auth service and give ansheldonh1999-07-231-7/+4
| | | | | | | | | example of their usage in the sample config. Merge the two examples for the green internal auth service. This commit failed the first time around because Brian beat me to the punch on inetd.8 . I like my descriptions better and I'm pretty sure Brian won't mind.
* I think the last revision got lost here. Identd needs to be run as root,green1999-07-161-2/+2
| | | | | | at least for now. I relegated the getcred sysctls to only root, but if they're deemed to be "allowable" to export to users, I'll do so and revert this change.
* Document the new {auth,ident,tap} service and provide examples in thesheldonh1999-07-161-6/+13
| | | | | | configuration file. Requested by: green
* This is the working internal ident service. Turn it on by settinggreen1999-07-151-2/+3
| | | | | | the make variable REAL_IDENT, and ~/.fakeid support can be added with FAKEID set. Note that the default behavior is the same as the old behavior.
* Due to recent pidentd port changes (switch to sysctl), identd must beache1999-07-151-2/+2
| | | | runned as root again, not kmem:kmem
* comsat sandbox prevents biff/comsat from being able to print partialdillon1998-12-011-1/+3
| | | | | | mailbox contents. comsat instead simply prints that new mail is available. Add appropriate comment to inetd.conf but leave comsat in sandbox.
* Added group bind(53), added sandbox users tty(4), kmem(5), and bind(53),dillon1998-12-011-4/+4
| | | | | | | | | | adjustd inetd.conf to run comsat and ntalk from tty sandbox, and the (commented out) ident from the kmem sandbox. Note that it is necessary to give each group access it's own uid to prevent programs running under a single uid from being able to gdb or otherwise mess with other programs (with different group perms) running under the same uid.
* Add example for the internal "ident server".phk1998-11-041-1/+5
|
* Limit the fingerd daemon to:wosch1998-09-301-2/+2
| | | | | runs only 3 simultaneous fingerd processes and limit the connections-per-ip-per-minute to 10.
* Add Id keywordsbrian1998-09-021-0/+1
|
* Clean up the kerberos entries, and add example CVS entriesmarkm1998-08-151-4/+4
|
* MFC: sample qmail entry.hoek1998-07-181-0/+4
|
* Restore the Samba entries which were spammed when someone addedjkh1997-09-281-0/+6
| | | | the imap4 entry.
* Add commented out example entry for imap4ache1997-01-121-0/+4
|
* The kerberised network services should only be active in inetd.confpeter1996-11-101-4/+4
| | | | | | | | | | | | | | if kerberos is installed. So far as I'm aware, kerberos aware clients detect ECONNREFUSED and (if allowed) fall back to the non-kerberos servers. They do not know how to interpret messages such as "rlogind: unknown option -k". I believe Garrett also mentioned this. Unfortunately, this adds an extra step to bringing up kerberos. It also stops /var/log/messages getting quite so many useless (and confusing) error messages when somebody does a port scan on you.
* In the brave new world, that that does not make us strong, kills us.pst1996-10-021-28/+38
| | | | | | Turn OFF the "small servers" by default. FreeBSD systems should only serve actively used programs. Jewels like chargen and echo are too useful in attack scenarios.
* Add commented out example for bootpsphk1996-09-191-0/+1
|
* changed /etc/[daily,weekly,monthly] to not rotate the logfiles bygraichen1996-01-051-0/+2
| | | | | | | "hand", changed /etc/crontab to call /usr/sbin/newsyslog every hour (the entry was there before - but we haven't had any newsyslog until today :-) and changed /etc/inetd.conf to also contain (commentet out) entries for rpc.rquotad and rpc.sprayd (taken from NetBSD)
* Add /tftpboot as an argument to the commented-out example for tftp, sojoerg1995-12-231-1/+1
| | | | | people don't compromise their system by blindly un-commenting the entry.
* inetd.conf:gibbs1995-09-151-0/+1
| | | | | | | Add rkinit at 2108/tcp. services: Add rkinitd.
* Restore tabs in inetd lineache1995-07-291-1/+1
| | | | | Submitted by: Obtained from:
* Rename in.identd -> identd according recent ports renameache1995-07-271-1/+1
|
* Add ident (commented out)ache1995-04-081-0/+1
|
* Disable UDP echo, chargen, date, and daytime services.wollman1994-12-211-4/+4
|
* Uncomment uucpd by default, it is working and secure nowache1994-12-191-1/+1
|
* Change the example line for popper to point to /usr/local/libexec/popperats1994-11-181-1/+1
| | | | instead of /usr/local/etc/popper. The 2.0 installation installs it there.
* Secure fingerd by defaultpst1994-09-291-1/+1
|
* Disable rexecd by default (major security hole)pst1994-09-291-1/+1
|
* Add an entry for pcnfsd (commented out)pst1994-09-281-0/+1
|
* Added comment about registerd and kpasswdd not working in 1.x.wollman1994-06-131-1/+1
| | | | | | Deleted commented-out line which would start mountd; that's not the right pplace to do it (don't confuse the users). Should probablyhave uncommented rpc.rstatd, but didn't.
* Comment out uucpd, not properly configured as defaultache1994-05-311-4/+4
| | | | Comment out walld/rusersd/rstatd, may be too verbose
* Uncomment uucpd, now it worksache1994-05-311-4/+4
| | | | | Uncomment rstatd/rusersd/rwalld all three worked mountd still commented out, I remember some problem with it
* Added entries for sup into services.ats1993-12-051-0/+4
| | | | Added an example entry for the pop3 popper into inetd.conf as a comment.
* Change space to tab in ruserd line per Guido van Rooijrgrimes1993-10-211-2/+2
|
* Disable rpc services so that inetd no longer hangs when you are notrgrimes1993-10-131-3/+5
| | | | | | | running portmapper. These are site specific functionality and should only be enabled for sites that want them, not by default. These services REQUIRE portmapper to be running
* Entries so RPC servers are started.jtc1993-09-231-0/+5
|
* Added /etc/networks to the files that get installed, some how it gotrgrimes1993-09-021-1/+1
| | | | | dropped out of the Makefile. Commented out talk in inetd.conf since it refers to the old non-existent otalkd.
* Initial import of 386BSD 0.1 othersrc/etcrgrimes1993-06-201-0/+34
OpenPOWER on IntegriCloud