On Wed, Dec 05, 2007 at 11:49:07AM -0500, Chris Smith wrote:

quoted text
> Hello,

>

> When using OpenBSD only as a NAT router / Firewall with all of the

> services in inetd.conf commented out is there any need to enable inetd?

Hi Chris.

The only service that should (or could,depends on your point of view)

be allowed from the internet is IMHO the identd service.
Blocking this service may cause some delay because some mailers and

irc servers are checking for this service.
OTOH it may be considered as a security risc to give strangers valid

usernames. (If you need inetd requests from the outside and dont want

to give them valid usernames you can install a other identd, e.g.

oidentd or just a fakeidentd to return an arbitrary username)
> I believe it's no longer necessary for ftp-proxy and want to make sure

quoted text
> I'm not missing anything.

I don't run ftp-proxy so I don't know about this, sorry.

HTH,
Andreas
--

Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of

an 8-bit operating system written for a 4-bit processor by a 2-bit

company who cannot stand 1 bit of competition.