Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Inetd and security
Top Forums UNIX for Dummies Questions & Answers Inetd and security Post 21892 by LivinFree on Friday 24th of May 2002 04:20:08 AM
Old 05-24-2002
Turn all of those off.
chargen provides a very quick and easy denial of service attack against you. The rest are just plain not needed. A good security rule is to not allow anything to run that is not necessary.

Under most circumstances, I simply turn inetd / xinetd off altogether. I don't run any servers on my home machines.
If I want to be able to connect to my machine internally via network, but leave the outside (public network) closed up, I use xinetd, since you can bind to an interface.

Even a service as benign as ntpd (as discussed below) can wreak havoc if someone wants to mess with you. Say for example, you set it up insecurely... Any person can spoof their way into tricking your machine to thinks it's another time, or even another day. Next thing you know your cron jobs are all messed up, they may be able to create / modify files on your machine (should they break in) that have different dates / times, etc...

If you're going to run a firewall, the ideal situation (assuming that this box can be dedicated to only that) would be to turn off everything. Allow console access only, no remote services, just IP forwarding. A Unix like OpenBSD works great for this, since it installs pretty bare by default.

There are a few good books out there on building firewalls. It might be a good idea to invest a few bucks in one.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Linux file corresponding to HP-UX inetd.conf

Hi!!, I have been working on a HP UX box all these days.. For adding a user defined service, I used to put an entry for this service corresponing to a port number in /etc/services. These services were then defined in inetd.conf. Now I have moved to Mandrake linux. I can find a file named... (2 Replies)
Discussion started by: jyotipg
2 Replies

2. Shell Programming and Scripting

refreshing inetd

Hi I have a question, what is the purpose of this command and what will it do "refresh -s inetd" Thanks in Advance Swaraj (3 Replies)
Discussion started by: kswaraj
3 Replies

3. HP-UX

inetd process

-------------------------------------------------------------------------------- Hi All , I have a client an server among which i want to make the server an inetd process. I have enries in etc/services and etc/inetd.conf The enries looks like below etc/services servername 5551/tcp... (4 Replies)
Discussion started by: binums
4 Replies

4. HP-UX

VNC using inetd on HPUX

To anyone who can help. I am trying to get VNC running using the inetd capability and I am having problems. I have VNC running fine when I manually log into the server through FTP or SSH and start it and then start the viewer on my PC. I have tried a few things I have found on different... (0 Replies)
Discussion started by: punkdeviant
0 Replies

5. Red Hat

inetd.conf in linux

I need to put the following line in inetd.conf: stats stream tcp nowait nobody /usr/local/bin/mrtgsysinfo mrtgsysinfo but my version of linux don't seem to allow that, ie there is no inetd.conf. How do i set that up in linux (red hat enterprise 3). (15 Replies)
Discussion started by: frankkahle
15 Replies

6. IP Networking

Error inetd

Hi , I need help, today I restarted the server, when the machine was up, it had been to writte in the file osmlog that : "inetd: talk/udp: bind: Address already in use" This message appears in ten minutes every time. Why ? Thanks. (6 Replies)
Discussion started by: By_Jam
6 Replies

7. UNIX for Dummies Questions & Answers

Cannot edit inetd.conf???

I'm trying to edit the inetd.conf but for some reason when I vi into it, it says "Read Only" even though I am root and the perms are 777?!? (2 Replies)
Discussion started by: shorty
2 Replies

8. UNIX for Dummies Questions & Answers

too many inetd running

hi, is it ok for more than one inetd daemon running at a time? if not okay, possible to kill the rest and make only one daemon running? i understand that inetd is a process that enables tcp connections from external sources...kindly advise more on inetd...thanks alot..Happy New Year!:) (2 Replies)
Discussion started by: cromohawk
2 Replies

9. Solaris

Inetd problem

Hi All, When i am trying to restart the inetd daemon it throughing error. Please find the message and tell me what i need to do ? Apr 7 22:57:37 HYDOHS01 inetd: ISTATE not in environment Apr 7 22:57:41 HYDOHS01 inetd: stop: No such file or directory Apr 7 22:58:01 HYDOHS01 inetd: ... (5 Replies)
Discussion started by: lbreddy
5 Replies

10. Solaris

Inetd not running on zone

inet not running on the zone , below is the error we see on svc log Importing 100235_1-rpc_ticotsord.xml ...Done inetconv: Error reading from repository inetconv: Notice: Service manifest for 100235/1 already generated as /var/svc/manifest/network/rpc/100235_1-rpc_ticotsord.xml, skipped... (0 Replies)
Discussion started by: skamal4u
0 Replies

LEARN ABOUT DEBIAN

nntp-pull

NNTP-PULL(1)							 nntp-pull manual						      NNTP-PULL(1)

NAME

       nntp-pull - fetch articles from the server to the mbox

SYNOPSIS

       nntp-pull [options...] groupname [groupname...]

DESCRIPTION

       Fetch messages from the server and save them into the mailbox (mbox format). Every argument is supposed to be a name of group, optionally
       followed by a '>' character and mbox filename. If the mbox filename is omitted, it defaults to the name of the group.

       Besides global options (described in sinntp(1)), nntp-pull command takes following options:

       --limit=N
	   Pull at most N messages.

       --reget
	   Start from the first available message.

EXAMPLES

       nntp-pull --server=news.example.org --limit=50 'comp.os.linux>os-linux' Fetches at most the 50 newest articles from the newsgroup
       comp.os.linux located on news.example.org server and appends them to the os-linux mailbox file.

       nntp-pull --server=news.example.net --reget --limit=3 comp.os.windows Fetches at most the 3 oldest articles from the newsgroup
       comp.os.windows located on news.example.net server and appends them to the comp.os.windows mailbox file.

SEE ALSO

       sinntp(1)

COPYRIGHT

       Copyright (C) 2009, 2010, 2011 Piotr Lewandowski, Jakub Wilk

nntp-pull 1.5							    2012-04-18							      NNTP-PULL(1)
All times are GMT -4. The time now is 07:25 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy