|
|
Sponsored Content
Top Forums
UNIX for Dummies Questions & Answers
Inetd and security
Post 21860 by ftn96 on Thursday 23rd of May 2002 05:37:09 PM
05-23-2002
Inetd and security
Ok, So I've been lazy over the past 3 years with the SCO server I maintain, as it just primarily hosts my private networked proprietary software, until now.
We have dedicated net access, in which the SCO server is not setup for and not going to be setup to connect to the internet by any direct means.
So I decided to get SuSE 8.0 professional for a firewall, and being the 'obsessive' person that I am I have over indulged myself with security issues. Which brings me to 'inetd.conf'. I got the Security Essentials by Tom Roxon, if memory serves me correctly, and I dove in head first. So I have decided to impower some of the linux security stuff on the main SCO server which leads me to
inetd.
I shutdown all most all the services, except a few that (barring my ignorance) feel that I need to keep running. This leaving me with some questions about 'chargen', 'discard', 'tcpmux' 'time' and 'daytime'.
Can someone helpme out with what these do as 'services', and any info as to what they do, exactly or somewhere in the same ballpark at least. My man pages dont say squat about chargen and discard.
Also, if I turn them off as services started by inetd, will they still be available for onetime use in other area that may "require" them?
Sorry this was so long, but thanks in advance for any information you may contribute!
P.S. I also learned that cp'ing the .profile from "/" and then editing it was not such a good idea.
We have dedicated net access, in which the SCO server is not setup for and not going to be setup to connect to the internet by any direct means.
So I decided to get SuSE 8.0 professional for a firewall, and being the 'obsessive' person that I am I have over indulged myself with security issues. Which brings me to 'inetd.conf'. I got the Security Essentials by Tom Roxon, if memory serves me correctly, and I dove in head first. So I have decided to impower some of the linux security stuff on the main SCO server which leads me to
inetd.
I shutdown all most all the services, except a few that (barring my ignorance) feel that I need to keep running. This leaving me with some questions about 'chargen', 'discard', 'tcpmux' 'time' and 'daytime'.
Can someone helpme out with what these do as 'services', and any info as to what they do, exactly or somewhere in the same ballpark at least. My man pages dont say squat about chargen and discard.
Also, if I turn them off as services started by inetd, will they still be available for onetime use in other area that may "require" them?
Sorry this was so long, but thanks in advance for any information you may contribute!
P.S. I also learned that cp'ing the .profile from "/" and then editing it was not such a good idea.
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi!!,
I have been working on a HP UX box all these days.. For adding a user defined service, I used to put an entry for this service corresponing to a port number in /etc/services. These services were then defined in inetd.conf.
Now I have moved to Mandrake linux. I can find a file named... (2 Replies)
Discussion started by: jyotipg
2 Replies
2. Shell Programming and Scripting
Hi
I have a question, what is the purpose of this command and what will it do
"refresh -s inetd"
Thanks in Advance
Swaraj (3 Replies)
Discussion started by: kswaraj
3 Replies
3. HP-UX
--------------------------------------------------------------------------------
Hi All ,
I have a client an server among which i want to make the server an inetd process.
I have enries in etc/services and etc/inetd.conf
The enries looks like below
etc/services
servername 5551/tcp... (4 Replies)
Discussion started by: binums
4 Replies
4. HP-UX
To anyone who can help.
I am trying to get VNC running using the inetd capability and I am having problems. I have VNC running fine when I manually log into the server through FTP or SSH and start it and then start the viewer on my PC.
I have tried a few things I have found on different... (0 Replies)
Discussion started by: punkdeviant
0 Replies
5. Red Hat
I need to put the following line in inetd.conf:
stats stream tcp nowait nobody /usr/local/bin/mrtgsysinfo mrtgsysinfo
but my version of linux don't seem to allow that, ie there is no inetd.conf. How do i set that up in linux (red hat enterprise 3). (15 Replies)
Discussion started by: frankkahle
15 Replies
6. IP Networking
Hi , I need help, today I restarted the server, when the machine was up, it had been to writte in the file osmlog that :
"inetd: talk/udp: bind: Address already in use"
This message appears in ten minutes every time. Why ?
Thanks. (6 Replies)
Discussion started by: By_Jam
6 Replies
7. UNIX for Dummies Questions & Answers
I'm trying to edit the inetd.conf but for some reason when I vi into it, it says "Read Only" even though I am root and the perms are 777?!? (2 Replies)
Discussion started by: shorty
2 Replies
8. UNIX for Dummies Questions & Answers
hi,
is it ok for more than one inetd daemon running at a time?
if not okay, possible to kill the rest and make only one daemon running?
i understand that inetd is a process that enables tcp connections from external sources...kindly advise more on inetd...thanks alot..Happy New Year!:) (2 Replies)
Discussion started by: cromohawk
2 Replies
9. Solaris
Hi All,
When i am trying to restart the inetd daemon it throughing error.
Please find the message and tell me what i need to do ?
Apr 7 22:57:37 HYDOHS01 inetd: ISTATE not in environment
Apr 7 22:57:41 HYDOHS01 inetd: stop: No such file or directory
Apr 7 22:58:01 HYDOHS01 inetd: ... (5 Replies)
Discussion started by: lbreddy
5 Replies
10. Solaris
inet not running on the zone , below is the error we see on svc log
Importing 100235_1-rpc_ticotsord.xml ...Done
inetconv: Error reading from repository
inetconv: Notice: Service manifest for 100235/1 already generated as /var/svc/manifest/network/rpc/100235_1-rpc_ticotsord.xml, skipped... (0 Replies)
Discussion started by: skamal4u
0 Replies
LEARN ABOUT X11R4
mesg
MESG(1) User Commands MESG(1) NAME
mesg - display (or do not display) messages from other users SYNOPSIS
mesg [option] [n|y] DESCRIPTION
The mesg utility is invoked by a user to control write access others have to the terminal device associated with standard error output. If write access is allowed, then programs such as talk(1) and write(1) may display messages on the terminal. Traditionally, write access is allowed by default. However, as users become more conscious of various security risks, there is a trend to remove write access by default, at least for the primary login shell. To make sure your ttys are set the way you want them to be set, mesg should be executed in your login scripts. ARGUMENTS
n Disallow messages. y Allow messages to be displayed. If no arguments are given, mesg shows the current message status on standard error output. OPTIONS
-v, --verbose Explain what is being done. -V, --version Display version information and exit. -h, --help Display help text and exit. EXIT STATUS
The mesg utility exits with one of the following values: 0 Messages are allowed. 1 Messages are not allowed. >1 An error has occurred. FILES
/dev/[pt]ty[pq]? SEE ALSO
login(1), talk(1), write(1), wall(1), xterm(1) HISTORY
A mesg command appeared in Version 6 AT&T UNIX. AVAILABILITY
The mesg command is part of the util-linux package and is available from https://www.kernel.org/pub/linux/utils/util-linux/. util-linux July 2014 MESG(1)