Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Disabling entries on inetd.conf (AIX).
Operating Systems AIX Disabling entries on inetd.conf (AIX). Post 302972466 by system.engineer on Thursday 5th of May 2016 04:56:49 PM
Old 05-05-2016
Disabling entries on inetd.conf (AIX).
Hello,

We're working on securing the AIX environment. started with disabling unused services on AIX.

Below are the entries which are not commented on my test LPAR (even other LPARs).

Code:
ntalk   dgram   udp     wait    root    /usr/sbin/talkd         talkd
daytime stream  tcp     nowait  root    internal
time    stream  tcp     nowait  root    internal
daytime dgram   udp     wait    root    internal
time    dgram   udp     wait    root    internal
caa_cfg stream  tcp6    nowait  root    /usr/sbin/clusterconf clusterconf >>/var/adm/ras/clusterconf.log 2>&1
xmquery dgram   udp6    wait    root    /usr/bin/xmtopas xmtopas -p3



I believe ntalk is used for conversation purpose (between users), can disable that. I'm going to disable caa_cfg, since we are not using any cluster software.

I would like to leave "xmquery" as it is, since its not going to impact security. Please correct me if am wrong ?


I've a question about below entries

daytime
time

will it affect my server functionality in anyway If I disable these services ?

Please provide your comments/suggestions. thanks
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

inetd.conf file = gone on my home linux box

Hi there I'm trying to set up swat on my linux box at home and when i read the man pages on it it says that i have to edit a file called inetd.conf but i did a search like find / -name inetd.conf but it only comes up with this. /etc/linuxconf/archive/Home-Office/etc/inetd.conf find:... (2 Replies)
Discussion started by: nemex
2 Replies

2. UNIX for Advanced & Expert Users

Linux file corresponding to HP-UX inetd.conf

Hi!!, I have been working on a HP UX box all these days.. For adding a user defined service, I used to put an entry for this service corresponing to a port number in /etc/services. These services were then defined in inetd.conf. Now I have moved to Mandrake linux. I can find a file named... (2 Replies)
Discussion started by: jyotipg
2 Replies

3. Red Hat

inetd.conf in linux

I need to put the following line in inetd.conf: stats stream tcp nowait nobody /usr/local/bin/mrtgsysinfo mrtgsysinfo but my version of linux don't seem to allow that, ie there is no inetd.conf. How do i set that up in linux (red hat enterprise 3). (15 Replies)
Discussion started by: frankkahle
15 Replies

4. UNIX for Dummies Questions & Answers

Cannot edit inetd.conf???

I'm trying to edit the inetd.conf but for some reason when I vi into it, it says "Read Only" even though I am root and the perms are 777?!? (2 Replies)
Discussion started by: shorty
2 Replies

5. Solaris

Script for turning processes in etc/inetd.conf on and off

Anyone have a perl script that can be run via a web browser to turn ftp or telnet on and off in etc/inetd.conf ? Believe it or not but I ride a motorcycle a lot in the summer and carry a laptop in my saddlebags to connect from almost anywhere via Verizon alongside the highway. However, have too... (0 Replies)
Discussion started by: thomi39
0 Replies

6. AIX

Disabling an ASCI terminal in AIX versions 3 and 4

Hi, I tried to do some research on this subject, but got nothing conclusive. I have the following need: I have different servers with AIX versions 3.2.5 through 4.3.2. Some of them have two ASCI terminals connected. I have a shell script that is executed by a user on the main console... (2 Replies)
Discussion started by: andrei_r20
2 Replies

7. AIX

Disabling SSH direct access for an AIX user

Hello everyone, Can anyone help me please. I want to disable SSH direct access for an AIX user. For example, if I have USER1 and USER2. I want to disactivate direct access for USER2. The user must enter his login (USER1) and his password and then he can do su - USER2 . Thanks, (3 Replies)
Discussion started by: adilyos
3 Replies

8. AIX

Disabling SNMP in AIX 7.1

Hi, I am planning to disable SNMP in our AIX LPARs. wanted to see by disabling in a test LPAR. before that, I would like to check disabling this SNMP will impact any of our application or database in anyway. what kind of other software depends on these SNMP daemons ? Can you please let me... (9 Replies)
Discussion started by: system.engineer
9 Replies

9. AIX

Can I get some clue on disabling SSLv1, v3 and TLS1.0 on AIX

Hi, We've a requirement to disable the protocols SSLv3, SSL v2 and TLS 1.0. And have TLS 1.2 enabled using AEAD (Authentication Encryption with Associated Data). This is the only information i have, I'm not sure how to proceed, was trying to find information using google. Can you... (6 Replies)
Discussion started by: system.engineer
6 Replies

10. Shell Programming and Scripting

Script to update rsyslog.conf and auditd.conf

Hello all, Newbie here. I'm currently tasked with updating rsyslog.conf and auditd.conf on a large set of servers. I know the exact logging configurations that I want to enable. I have updated both files on on a server and hope to use the updated files as a template for the rest of the... (3 Replies)
Discussion started by: Mide
3 Replies

LEARN ABOUT REDHAT

perlos400

PERLOS400(1)						 Perl Programmers Reference Guide					      PERLOS400(1)

NAME

       README.os400 - Perl version 5 on OS/400

DESCRIPTION

       This document describes various features of IBM's OS/400 operating system that will affect how Perl version 5 (hereafter just Perl) is com-
       piled and/or runs.

       By far the easiest way to build Perl for OS/400 is to use the PASE (Portable Application Solutions Environment), for more information see
       http://www.iseries.ibm.com/developer/factory/pase/index.html This environment allows one to use AIX APIs while programming, and it provides
       a runtime that allows AIX binaries to execute directly on the PowerPC iSeries.

       Compiling Perl for OS/400 PASE

       The recommended way to build Perl for the OS/400 PASE is to build the Perl 5 source code (release 5.8.1 or later) under AIX.

       The trick is to give a special parameter to the Configure shell script when running it on AIX:

	 sh Configure -DPASE ...

       The default installation directory of Perl under PASE is /QOpenSys/perl.  This can be modified if needed with Configure parameter -Dpre-
       fix=/some/dir.

       Starting from OS/400 V5R2 the IBM Visual Age compiler is supported on OS/400 PASE, so it is possible to build Perl natively on OS/400.  The
       easier way, however, is to compile in AIX, as just described.

       If building natively on PASE, please do the build under the /QOpenSys directory, since Perl is happier when built on a case sensitive
       filesystem.

       Installing Perl in OS/400 PASE

       If you are compiling on AIX, simply do a "make install" on the AIX box.	Once the install finishes, tar up the /QOpenSys/perl directory.
       Transfer the tarball to the OS/400 using FTP with the following commands:

	 > binary
	 > site namefmt 1
	 > put perl.tar /QOpenSys

       Once you have it on, simply bring up a PASE shell and extract the tarball.

       If you are compiling in PASE, then "make install" is the only thing you will need to do.

       The default path for perl binary is /QOpenSys/perl/bin/perl.  You'll want to symlink /QOpenSys/usr/bin/perl to this file so you don't have
       to modify your path.

       Using Perl in OS/400 PASE

       Perl in PASE may be used in the same manner as you would use Perl on AIX.

       Scripts starting with #!/usr/bin/perl should work if you have /QOpenSys/usr/bin/perl symlinked to your perl binary.  This will not work if
       you've done a setuid/setgid or have environment variable PASE_EXEC_QOPENSYS="N".  If you have V5R1, you'll need to get the latest PTFs to
       have this feature.  Scripts starting with #!/QOpenSys/perl/bin/perl should always work.

       Known Problems

       When compiling in PASE, there is no "oslevel" command.  Therefore, you may want to create a script called "oslevel" that echoes the level
       of AIX that your version of PASE runtime supports.  If you're unsure, consult your documentation or use "4.3.3.0".

       If you have test cases that fail, check for the existence of spool files.  The test case may be trying to use a syscall that is not imple-
       mented in PASE.	To avoid the SIGILL, try setting the PASE_SYSCALL_NOSIGILL environment variable or have a handler for the SIGILL.  If you
       can compile programs for PASE, run the config script and edit config.sh when it gives you the option.  If you want to remove fchdir(),
       which isn't implement in V5R1, simply change the line that says:

       d_fchdir='define'

       to

       d_fchdir='undef'

       and then compile Perl.  The places where fchdir() is used have alternatives for systems that do not have fchdir() available.

       Perl on ILE

       There exists a port of Perl to the ILE environment.  This port, however, is based quite an old release of Perl, Perl 5.00502 (August 1998).
       (As of July 2002 the latest release of Perl is 5.8.0, and even 5.6.1 has been out since April 2001.)  If you need to run Perl on ILE,
       though, you may need this older port: http://www.cpan.org/ports/#os400 Note that any Perl release later than 5.00502 has not been ported to
       ILE.

       If you need to use Perl in the ILE environment, you may want to consider using Qp2RunPase() to call the PASE version of Perl.

AUTHORS

       Jarkko Hietaniemi <jhi@iki.fi> Bryan Logan <bryanlog@us.ibm.com> David Larson <larson1@us.ibm.com>

perl v5.8.0							    2003-02-18							      PERLOS400(1)
All times are GMT -4. The time now is 08:14 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy