|
|
Sponsored Content
Operating Systems
AIX
Securing AIX
Post 302583666 by zxmaus on Wednesday 21st of December 2011 02:35:11 AM
|
|
7 More Discussions You Might Find Interesting
1. Cybersecurity
someone has access to my server...
I've got a solaris 7 box with remote access only.
many of the services don't have passwords
and someone recently messed with the shadow file
-the root: line was changed:
. password field was changed to NP
. the number after that was changed too
The... (8 Replies)
Discussion started by: sphiengollie
8 Replies
2. Shell Programming and Scripting
OK here is my problem. Ive been trying to write a script where i use the order "find".
For example if i wont to find some file in the sql_work directory using the script. You use the command: loc sql_work "q*" in order to find all the queries in the directory.
Is there any other way to do it,... (0 Replies)
Discussion started by: SolidSnake
0 Replies
3. AIX
I would like to secure a shell script from being broken out of with Ctrl-C or equivalent.
Once a user logs in, he should not be able to exit to the command prompt.
any ideas.
Thank you
J (1 Reply)
Discussion started by: jhansrod
1 Replies
4. Cybersecurity
Hi All,
I'd like to give you an example of what I am trying to achieve and perhaps you might be able to help me along.
I would like to add the following criteria to new servers, from a password aging and lockout standpoint.
-Number of failed logins before lockout: = 5
-Number of Passwords... (1 Reply)
Discussion started by: mkono
1 Replies
5. Linux
Hi all,
I have a couple of questions I've been searching on internet but I didn't find a suitable solution. The aim is that I'd like to access to my home Linux (an 8.04 Ubuntu) from outside. I already achieved with ssh, but I'd like to secure as much as I can. These are questions:
The... (2 Replies)
Discussion started by: AlbertGM
2 Replies
6. Cybersecurity
Guys, i want to securing AIX after install by scrath. Is anybody can inform about the standard port which used by AIX? (0 Replies)
Discussion started by: michlix
0 Replies
7. AIX
Every now and then I google: SecuringAIX (I write a blog by that name, so I am curious where it stands - and to my dismay I did not make the top5 today from my current location.
However, this unix.com/aix thread did make the top5- and, imho, it is lacking in clarity and ease. So, I thought I... (3 Replies)
Discussion started by: MichaelFelt
3 Replies
LEARN ABOUT DEBIAN
inetd.conf
inetd.conf(4) File Formats inetd.conf(4) NAME
inetd.conf - Internet servers database SYNOPSIS
/etc/inet/inetd.conf /etc/inetd.conf DESCRIPTION
In the current release of the Solaris operating system, the inetd.conf file is no longer directly used to configure inetd. The Solaris ser- vices which were formerly configured using this file are now configured in the Service Management Facility (see smf(5)) using inetadm(1M). Any records remaining in this file after installation or upgrade, or later created by installing additional software, must be converted to smf(5) services and imported into the SMF repository using inetconv(1M), otherwise the service will not be available. For Solaris operating system releases prior to the current release (such as Solaris 9), the inetd.conf file contains the list of servers that inetd(1M) invokes when it receives an Internet request over a socket. Each server entry is composed of a single line of the form: service-name endpoint-type protocol wait-status uid server-program server-arguments Fields are separated by either <SPACE> or <TAB> characters. A `#' (number sign) indicates the beginning of a comment; characters up to the end of the line are not interpreted by routines that search this file. service-name The name of a valid service listed in the services file. For RPC services, the value of the service-name field con- sists of the RPC service name or program number, followed by a '/' (slash) and either a version number or a range of version numbers, for example, rstatd/2-4. endpoint-type Can be one of: stream for a stream socket dgram for a datagram socket raw for a raw socket seqpacket for a sequenced packet socket tli for all TLI endpoints protocol A recognized protocol listed in the file /etc/inet/protocols. For servers capable of supporting TCP and UDP over IPv6, the following protocol types are also recognized: tcp6 udp6 tcp6 and udp6 are not official protocols; accordingly, they are not listed in the /etc/inet/protocols file. Here the inetd program uses an AF_INET6 type socket endpoint. These servers can also handle incoming IPv4 client requests in addition to IPv6 client requests. For RPC services, the field consists of the string rpc followed by a '/' (slash) and either a '*' (asterisk), one or more nettypes, one or more netids, or a combination of nettypes and netids. Whatever the value, it is first treated as a nettype. If it is not a valid nettype, then it is treated as a netid. For example, rpc/* for an RPC service using all the transports supported by the system (the list can be found in the /etc/netconfig file), equiv- alent to saying rpc/visible rpc/ticots for an RPC service using the Connection-Oriented Transport Service. wait-status This field has values wait or nowait. This entry specifies whether the server that is invoked by inetd will take over the listening socket associated with the service, and whether once launched, inetd will wait for that server to exit, if ever, before it resumes listening for new service requests. The wait-status for datagram servers must be set to wait, as they are always invoked with the orginal datagram socket that will participate in delivering the service bound to the specified service. They do not have separate "listening" and "accepting" sockets. Accordingly, do not configure UDP services as nowait. This causes a race condition by which the inetd program selects on the socket and the server program reads from the socket. Many server programs will be forked, and performance will be severely compromised. Connection-oriented services such as TCP stream services can be designed to be either wait or nowait status. uid The user ID under which the server should run. This allows servers to run with access privileges other than those for root. server-program Either the pathname of a server program to be invoked by inetd to perform the requested service, or the value internal if inetd itself provides the service. server-arguments If a server must be invoked with command line arguments, the entire command line (including argument 0) must appear in this field (which consists of all remaining words in the entry). If the server expects inetd to pass it the address of its peer, for compatibility with 4.2BSD executable daemons, then the first argument to the command should be specified as %A. No more than 20 arguments are allowed in this field. The %A argument is implemented only for services whose wait-status value is nowait. FILES
/etc/netconfig network configuration file /etc/inet/protocols Internet protocols /etc/inet/services Internet network services SEE ALSO
rlogin(1), rsh(1), in.tftpd(1M), inetadm(1M), inetconv(1M), inetd(1M), services(4), smf(5) NOTES
/etc/inet/inetd.conf is the official SVR4 name of the inetd.conf file. The symbolic link /etc/inetd.conf exists for BSD compatibility. This man page describes inetd.conf as it was supported in Solaris operating system releases prior to the current release. The services that were configured by means of inetd.conf are now configured in the Service Management Facility (see smf(5)) using inetadm(1M). SunOS 5.10 17 Dec 2004 inetd.conf(4)