On Wed, Dec 05, 2007 at 11:49:07AM -0500, Chris Smith wrote: > Hello, > > When using OpenBSD only as a NAT router / Firewall with all of the > services in inetd.conf commented out is there any need to enable inetd? Hi Chris.
The only service that should (or could,depends on your point of view) be allowed from the internet is IMHO the identd service. Blocking this service may cause some delay because some mailers and irc servers are checking for this service. OTOH it may be considered as a security risc to give strangers valid usernames. (If you need inetd requests from the outside and dont want to give them valid usernames you can install a other identd, e.g. oidentd or just a fakeidentd to return an arbitrary username) > I believe it's no longer necessary for ftp-proxy and want to make sure > I'm not missing anything. I don't run ftp-proxy so I don't know about this, sorry. HTH, Andreas -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
