SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I think that if you want to set up NFS at some point, then it is used for that, but aside from that, I think it really only applies if you are running a server. I write under correction however
I think that if you want to set up NFS at some point, then it is used for that, but aside from that, I think it really only applies if you are running a server. I write under correction however
But from a security point of view that I have read in CERT, xinetd makes security better than slack's default inetd. So, why just for servers?
I know that other distros use xinetd, but I would have to laugh at the concept that they are 'more secure' than a well-thought out Slackware server or desktop/laptop.
I think you need to take all claims with a grain of salt. inetd works, is stable, and foremost, does the job. I'm fairly sure there is a reason why Pat has decided to stick with inetd instead of xinetd. There might be other, hidden issues that makes xinetd not feasible for Slackware.
First and foremost, I do not know. This is exactly the reason why I posted this question. Second, although I did not assume that CERT is indeed the fountain of knowledge for all things security, I think there is a reason behind them promoting xinetd instead of just the default inetd.[HTML]http://www.cert.org/tech_tips/unix_security_checklist2.0.html[/HTML]
Quote:
I think you need to take all claims with a grain of salt.
Indeed, which is why I am asking for everyone's opinion regarding the subject.
xinetd is a replacement for inetd that is more configurable. inetd is a fairly dangerous program because it has no built in protection from malicious attacks (e.g. tar-pitting, flooding, etc.). xinetd HAS built in configurable protections against such attacks.
inetd will happily take as many connections as an attacker will send until your box crashes, it will also happliy try and keep up with data-flooding attacks until your box crashes. Xinetd has configurations to limit these kinds of attacks.
And what are the ups and downs of using xinetd on slack?
The UPs are that it's safer than inetd. The DOWN is that you have to compile, install and configure it yourself. As of this writing, there's no package for S12 on linuxpackages.net.
I think that if you want to set up NFS at some point, then it is used for that, but aside from that, I think it really only applies if you are running a server.
No. Even if you don't run a 'server', if your box uses inetd for ANYTHING, xinetd will make your box more attack resiliant.
Why, exactly, is xinetd 'more secure' than inetd?
Xinetd has built in protection mechanisms against malicious flood-style attacks, inetd has none.
I know that other distros use xinetd, but I would have to laugh at the concept that they are 'more secure' than a well-thought out Slackware server or desktop/laptop.
They are probably less secure in most areas but, xinetd does offer you more protection.
...Pat has decided to stick with inetd instead of xinetd.
Pat is pretty much a wait and see kinda guy with Slackware. My guess is that he's waiting to see if xinetd is a fad or something.
Indeed, which is why I am asking for everyone's opinion regarding the subject.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.