hi all
i'm trying to make my system as secure as possible, in light of recent news of
networks getting broken. the first thing i did was to turn off services
spawned by the inet daemon that i don't use. currently the following are the
only ones running - i didn't turn them off since i don't know exactly what they
do:
discard
daytime
time
saft ?? What is this used for? is this like ftp?
cvspserver ?? is this safe to turn off?
i dont quite know what discard, daytime, and time do is it safe to turn these
guys off? i run nntp - does nntp rely on daytime and time?
in general is it better to use tcpserver than the inet daemon. i run qmail
which uses tcpserver and i'm planning to have sshd be spawned by tcpserver.
i've read the tcpserver is better than inet - does anyone have any opinion on
this? are there any draw backs to removing the inet daemon completely? if i
can turn off the services i've listed above i would not have any use for inet.
has anyone have any experience with SRP - Secure Remote Password. is this
similar to ssh. i've also looked at FreeS/WAN and it looks like a very good
solution to network security. is anyone using this now and how is it working
for you? while reading about FreeS/WAN i also came across DNSSEC - DNS
Security - featured in Bind-8.2.2p5, which i am using. exactly what is this
feature and how do i take advantage of it?
thanks
pd
