svn commit: r42525 - head/en_US.ISO8859-1/books/handbook/network-servers
Warren Block
wblock at FreeBSD.org
Fri Aug 9 20:37:46 UTC 2013
Author: wblock
Date: Fri Aug 9 20:37:45 2013
New Revision: 42525
URL: http://svnweb.freebsd.org/changeset/doc/42525
Log:
Clarify, improve language and tags. Committed version is a modified
version of patch included in PR, thanks to Ken Reed.
PR: docs/181117
Submitted by: Ken Reed <kreed002 at gmail.com>
Modified:
head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Thu Aug 8 17:21:07 2013 (r42524)
+++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Fri Aug 9 20:37:45 2013 (r42525)
@@ -22,13 +22,14 @@
<sect1 id="network-servers-synopsis">
<title>Synopsis</title>
- <para>This chapter will cover some of the more frequently used
- network services on &unix; systems. We will cover how to
- install, configure, test, and maintain many different types of
- network services. Example configuration files are included
- throughout this chapter for you to benefit from.</para>
+ <para>This chapter covers some of the more frequently used
+ network services on &unix; systems. This includes
+ installing, configuring, testing, and maintaining
+ many different types of network services. Example
+ configuration files are included throughout this
+ chapter for reference.</para>
- <para>After reading this chapter, you will know:</para>
+ <para>By the end of this chapter, readers will know:</para>
<itemizedlist>
@@ -38,11 +39,13 @@
</listitem>
<listitem>
- <para>How to set up a network file system.</para>
+ <para>How to set up the Network File System
+ (<acronym>NFS</acronym>).</para>
</listitem>
<listitem>
- <para>How to set up a network information server for sharing
+ <para>How to set up the Network Information Server
+ (<acronym>NIS</acronym>) for centralizing and sharing
user accounts.</para>
</listitem>
@@ -52,27 +55,23 @@
</listitem>
<listitem>
- <para>How to set &os; up to act as an <acronym>LDAP</acronym>
- server or client</para>
- </listitem>
-
- <listitem>
<para>How to set up automatic network settings using
- DHCP.</para>
+ <acronym>DHCP</acronym>.</para>
</listitem>
<listitem>
- <para>How to set up a domain name server.</para>
+ <para>How to set up a Domain Name Server
+ (<acronym>DNS</acronym>).</para>
</listitem>
<listitem>
<para>How to set up the <application>Apache</application>
- HTTP Server.</para>
+ <acronym>HTTP</acronym> Server.</para>
</listitem>
<listitem>
- <para>How to set up a File Transfer Protocol (FTP)
- Server.</para>
+ <para>How to set up a File Transfer Protocol
+ (<acronym>FTP</acronym>) server.</para>
</listitem>
<listitem>
@@ -82,7 +81,8 @@
<listitem>
<para>How to synchronize the time and date, and set up a
- time server, with the NTP protocol.</para>
+ time server using the Network Time Protocol
+ (<acronym>NTP</acronym>).</para>
</listitem>
<listitem>
@@ -93,20 +93,19 @@
</itemizedlist>
- <para>Before reading this chapter, you should:</para>
+ <para>This chapter assumes a basic knowledge of:</para>
<itemizedlist>
<listitem>
- <para>Understand the basics of the
- <filename>/etc/rc</filename> scripts.</para>
+ <para><filename>/etc/rc</filename> scripts.</para>
</listitem>
<listitem>
- <para>Be familiar with basic network terminology.</para>
+ <para>Network terminology.</para>
</listitem>
<listitem>
- <para>Know how to install additional third-party
+ <para>Installation of additional third-party
software (<xref linkend="ports"/>).</para>
</listitem>
@@ -167,20 +166,14 @@
<para><application>inetd</application> is initialized through
the &man.rc.8; system. The
<literal>inetd_enable</literal> option is set to
- <literal>NO</literal> by default, but may be turned on
- by <application>sysinstall</application> during installation,
- depending on the configuration chosen by the user.
- Placing:</para>
+ <literal>NO</literal> by default. It can be enabled
+ by placing:</para>
<programlisting>inetd_enable="YES"</programlisting>
- <para>or</para>
-
- <programlisting>inetd_enable="NO"</programlisting>
-
<para>into
- <filename>/etc/rc.conf</filename> will enable or disable
- <application>inetd</application> starting at boot time.
+ <filename>/etc/rc.conf</filename>.
+ <application>inetd</application> will now start at boot time.
The command:</para>
<screen>&prompt.root; <userinput>service inetd rcvar</userinput></screen>
@@ -512,14 +505,15 @@ server-program-arguments</programlisting
because they provide
information that may be useful to an attacker.</para>
- <para>Some daemons are not security-conscious and have long, or
- non-existent, timeouts for connection attempts. This allows
- an attacker to slowly send connections to a particular daemon,
- thus saturating available resources. It may be a good idea to
- place <option>max-connections-per-ip-per-minute</option>,
- <option>max-child</option> or
- <option>max-child-per-ip</option> limitations on certain
- daemons if there are too many connections.</para>
+ <para>Some daemons are not security-conscious and have long or
+ non-existent timeouts for connection attempts. An attacker
+ can send connections to a particular daemon, eventually
+ consuming available resources and resulting in a Denial of
+ Service (<acronym>DoS</acronym>).
+ <literal>max-connections-per-ip-per-minute</literal>,
+ <literal>max-child</literal> and
+ <literal>max-child-per-ip</literal> can be used to limit
+ such attacks.</para>
<para>By default, TCP wrapping is turned on. Consult the
&man.hosts.access.5; manual page for more information on
More information about the svn-doc-head
mailing list