[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [linux] FTP marche pas avec SuSE 7.2



Alain Barthélemy wrote:

Le Mercredi  4 Juillet 2001 19:15, vous avez écrit :

Xinetd est un remplaçant de inetd, on le préfère souvent à inetd, mais les
fichiers de config changes !



Tu peux sans problème convertir l'ancien format en nouveau via "itox" fournit avec xinetd.



Mon problème de ftp qui ne marchait pas m'a obligé à aller voir du cöté de xinet que je ne connaissais pas.

Quels sont ses avantages (et inconvénients!).

Un des avantages les plus intéressants, c'est que tu peux limiter le nombre d'instances et de connexions par service.

Sinon: :)

Features:

* Access control:
* Has builtin access control for stopping connections from evil bad guys, or for only allowing connections from good guys.
* Can be compiled with builtin libwrap support. Use hosts.{allow|deny}! More efficient than using tcpd!
* Tcp wrappers are good, but can only see one connection at a time. xinetd can limit the rate of incoming connections, number of incoming connections from specific hosts, or total number of connections for a service.
* Limit access to services based on access time of day.
* You can have specific services bind to specific IP's. This lets you provide different services to internal clients than external clients.
* Prevent denial of service attacks!
* With the access control capabilities of limiting the rate of incoming connections, xinetd can respond to "port bombs" in a reasonable fashion.
* If one host seems to be hogging your services, you can limit the number of simultaneous connections from a host.
* You can place limits on the size of the log files it creates, so people can't fill your disk.
* Extensive logging abilities!
* You can configure the syslog logging level for each service independently.
* If you don't want to use syslog logging, you can have each service log to a file, independent of any other service.
* It can log the start and stop times for the connection, so you can determine how long a client used your services.
* It can log extensive information about failed connection attempts.
* Offload services to a remote host
* The redir feature allows you to redirect a TCP stream to another host. This other host does not need to be an externally reachable machine. If you want to provide services on a NAT'd machine, run xinetd with the redir feature to redirect the service to a different host.
* IPv6 support
* As of the xinetd 2.1.8.8pre* series, xinetd supports IPv6.
* User interaction
* You can print different banners to the client when they have a successful connection, when their connection attempt failed, and always regardless of connection status. This can help keep your users informed of changes, and why they may be having trouble accessing services.




--
Cédric Gavage <cedric.gavage@linuxbe.org>
[www] http://linuxbe.org - http://bsdbe.org
[perso] http://cedric.gavage.com


[ Soyez précis dans vos sujets svp afin de déterminer directement ]
[ le type de demande... ]
[ Pour vous (dés)inscrire, aller sur http://linuxbe.org/ml.php ]
[ http://LinuxBe.org Contact: listmaster@linuxbe.org ]