Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: inet services, open ports etc
Top Forums UNIX for Dummies Questions & Answers inet services, open ports etc Post 14702 by LivinFree on Tuesday 5th of February 2002 08:38:35 AM
Old 02-05-2002
Don't touch them in /etc/services... that basically just maps the port numbers to service names... If you remember what you took out, put it back!

You need to check /etc/inetd.conf (in most cases) for any un-commented lines (without a "#" at the beginning of the line), then restart inetd ("killall -1 inetd" will force inetd to restart on the fly).

In some cases, you'll need to also check "xinetd" (some Linux variants use it, like newer Redhat versions). And to disable some of the other services, you have to disable them from the rc startup scripts.

Please respond with the Linux variant and version you are using, and I'll do my best to help.
 

10 More Discussions You Might Find Interesting

1. Cybersecurity

closing open ports

/* Linux Slackware */ Nmap shows the following ports open on the gateway. 21/tcp ftp 22/tcp ssh 23/tcp telnet 25/tcp smtp 37/tcp time 80/tcp http 113/tcp auth 515/tcp printer 587/tcp submission 1024/tcp kdm 6000/tcp x11 ------------------------------- i would like to close as... (10 Replies)
Discussion started by: LowOrderBit
10 Replies

2. UNIX for Dummies Questions & Answers

ports and services

hello all, in order for me to close ports and remove services that could be a danger to my system i have edited the /etc/initd.conf file, /etc/system file, and renamed some of the r commands. However i wanted to know if anyone knows how to turn off all services and close ALL known ports, so i... (3 Replies)
Discussion started by: Holistic
3 Replies

3. UNIX for Advanced & Expert Users

determining open ports

hi all 1) how to determine available ports in a box (solaris) do i have to go for a netstat on all the ports? 2) how to block a particular port for a particular type of connection. Any help would be greatly appreciated Thanks (7 Replies)
Discussion started by: matrixmadhan
7 Replies

4. Shell Programming and Scripting

Check open ports every ...

Hello, i need a script (bash type maybe?..), which would check open ports on 127.0.0.1 and then compare open ports with "registered/allowed" port list and try to kill the program who uses unregistered ports. It would be great that script would be started lets say every 5 or 10 minutes. You see i... (2 Replies)
Discussion started by: MorchiuS
2 Replies

5. AIX

Open Ports on System

Hi Every body, What is the command on AIX 5.2 that can be used to get all open ports? (2 Replies)
Discussion started by: aldowsary
2 Replies

6. Solaris

open ports solaris 8

Hello, I have a number of Solaris 8 Sun servers that have open ports that I cannot identify. I see some with 1013-1023 (which are reserved ports according to the IANA. Lsof does not identify these. I rebooted the server and they went off, but this morning I saw they were all back on again. Any... (1 Reply)
Discussion started by: csgonan
1 Replies

7. Solaris

Open ports in solaris 10

hi guys, may i know the exact steps to open a port in solaris.i have some rough idea - which is adding the port number in /etc/services. but i am not sure the correct conventions, steps or any other steps. kindly advise.thanks guys ! (1 Reply)
Discussion started by: cromohawk
1 Replies

8. UNIX for Dummies Questions & Answers

open ports and services

just a quick question: a. whats the simplest command to check open port and the corresponding services? example: bash-2.05# netstat -an | grep LISTEN *.199 *.* 0 0 49152 0 LISTEN *.8989 *.* 0 0 49152 ... (1 Reply)
Discussion started by: lhareigh890
1 Replies

9. IP Networking

Open/close of ports

Hi, I have read some forum theads about the open and close ports. some points are clear and it is not working on my machine or something am i missing? I have commented out a port /etc/services, one application uses then when i use the telnet <hostname> <port_blocked> it shows connected..... (1 Reply)
Discussion started by: balamv
1 Replies

10. Linux

Ip_local_reserved_ports - How do i verify that kernel does not allow these ports to others services

Hi Team, I am using RHEL 7.3. I had added few port numbers in /proc/sys/net/ipv4/ip_local_reserved_ports. Now how do I verify that kernel does not allow to a service which requests random ports for its services. Thanks in Advance Hariharan Gopal (0 Replies)
Discussion started by: hariharan.gopal
0 Replies

LEARN ABOUT DEBIAN

reconf-inetd

RECONF-INETD(8) 					  System Administration Utilities					   RECONF-INETD(8)

NAME

       reconf-inetd - utility to update /etc/inetd.conf and restart inetd

SYNOPSIS

       reconf-inetd [--verbose]
       reconf-inetd --sanity-check=fragment [... fragment]

DESCRIPTION

       reconf-inetd  is  a  maintainer	tool  that  updates  inetd.conf.  Such	updates  are  based on xinetd.conf-like configuration fragments in
       /usr/share/reconf-inetd (where server packages install their fragments) and /usr/lib/reconf-inetd (where reconf-inetd keeps track of  which
       inetd.conf entries have been added by itself).

       reconf-inetd  identifies  every	inetd.conf  entry  based on the combination of three fields: service name, protocol, and server path. This
       allows multiple inetd.conf entries for the same service, eg. for IPv4 and IPv6 versions, as well as for different  upstreams  (eg.  proftpd
       versus ftpd-ssl).

       reconf-inetd will not add inetd.conf entries for services whose server path is non-existent, or whose combination of protocol, service name
       and server path matches an existing inetd.conf entry.

       reconf-inetd does not support internal services.

OPTIONS

       -h, --help
	      show this help message and exit

       -c FRAGMENTS_TO_CHECK, --sanity-check=FRAGMENTS_TO_CHECK
	      test the validity of the xinetd.conf-like configuration fragments, as specified by a space-separated list of files

       -v, --verbose
	      explain what happens

       -V, --version
	      show version and exit

FILES

       reconf-inetd declares a file-based dpkg trigger on /usr/share/reconf-inetd.  Shadow fragment files are stored in /var/lib/reconf-inetd.

       A log file is kept at /var/log/reconf-inetd.log

FRAGMENT STRUCTURE

       reconf-inetd fragments are a much simplified version of xinetd.conf(5) fragments. They have this structure:

	      service <service_name>
	      {
		     <attribute> = <value> <value> ...
		     ...
	      }

       Of the wide range of fields foreseen by xinetd.conf(5), reconf-inetd honors only these fields:

	 socket_type
	 protocol	   (optional, except for RPC and unlisted services)
	 port		   (optional, except for unlisted non-RPC services)
	 wait
	 user
	 server
	 server_args	   (optional)

       If the protocol field is omitted and the service is listed, reconf-inetd will  assume  the  protocol  of  the  first  matching  entry  from
       /etc/services.  That  will be tcp or udp, which currently implies IPv4, so if the intention is IPv6, then tcp6 or udp6 should be explicitly
       specified in the protocol field.

       Unlike, regular xinetd fragment files, reconf-inetd fragment files must have only one service per file. A package that provides	more  than
       one service must install a separate fragment file for each service. This is the case to allow for removal of individual services, by simply
       removing the related file.

       /usr/share/reconf-inetd fragments are not configuration files; they're just input to reconf-inetd.  Local  admin  configuration	should	be
       applied to inetd.conf

       tcpd-configured	service  fragments will typically have server set to /usr/sbin/tcpd and server_args will start with the path to the actual
       server executable.

       Follows a reproduction of valid atrribute values from xinetd.conf(5):

       socket_type Possible values for this attribute include:

	      stream	  stream-based service

	      dgram	  datagram-based service

	      raw	  service that requires direct access to IP

	      seqpacket   service that requires reliable sequential datagram transmission

       protocol
	      determines the protocol that is employed by the service.	The protocol must exist in  /etc/protocols.   If  this	attribute  is  not
	      defined, the default protocol employed by the service will be used.

       port   determines the service port.

       wait   This  attribute  determines  if the service is single-threaded or multi-threaded and whether or not xinetd accepts the connection or
	      the server program accepts the connection. If its value is yes, the service is single-threaded; this means that  xinetd  will  start
	      the  server  and	then it will stop handling requests for the service until the server dies and that the server software will accept
	      the connection. If the attribute value is no, the service is multi-threaded and xinetd will keep handling new service  requests  and
	      xinetd  will  accept the connection. It should be noted that udp/dgram services normally expect the value to be yes since udp is not
	      connection oriented, while tcp/stream servers normally expect the value to be no.

       user   determines the uid for the server process. The user attribute can either be numeric or a name. If a  name  is  given  (recommended),
	      the user name must exist in /etc/passwd.	This attribute is ineffective if the effective user ID of xinetd is not super-user.

       server determines the program to execute for this service.

       server_args
	      determines the arguments passed to the server.

FRAGMENT EXAMPLES

       Here is an example fragment:

	   service finger
	   {
	       socket_type = stream
	       protocol = tcp6
	       wait = no
	       user = nobody
	       server = /usr/sbin/fingerd
	   }

       and it's tcpd-enabled version:

	   service finger
	   {
	       socket_type = stream
	       protocol = tcp6
	       wait = no
	       user = nobody
	       server = /usr/sbin/tcpd
	       server_args = /usr/sbin/fingerd
	   }

BUGS

       Known issues and missing features are listed in /usr/share/doc/reconf-inetd/TODO

HISTORY

       reconf-inetd  is  a  replacement for update-inetd. The motivation for and design of reconf-inetd is detailed at the Debian Enhancement Pro-
       posal 9, at http://dep.debian.net/deps/dep9/, a copy of which is locally available at /usr/share/doc/reconf-inetd/dep9.html

AUTHOR

       reconf-inetd was designed, documented and implemented by Serafeim Zanikolas <sez@debian.org>

SEE ALSO

       inetd.conf(5), xinetd.conf(5), inetd(8), update-inetd(8), deb-triggers(5)

reconf-inetd 1.120603						     June 2012							   RECONF-INETD(8)
All times are GMT -4. The time now is 05:46 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy