This set of rules is not something you'd want to use in real life, it is meant only to help exercise your installation of the tools.
Okay, you should go subscribe to the mailing list anyway. Go, do it now. I'll wait right here.
There are several replacements for inetd, including Xinetd, which is discussed in the section "Xinetd" in this chapter.
This is not entirely true; tcp wrappers can be used to control initial access to UDP-based services. Most of the services require that the daemon be left running for a short period of time after the most recent connection. This means that only the connections which require a daemon to be started will be logged and subjected to testing.
This is not a subnet mask. I'm using the CIDR-style notation to indicate the range of addresses used by the IS and Data Center LANs.
otp-md5 is actually another name for opiekey. Using it this way indicates that you are using md5-style encryption to generate the response from the pass phrase.