topic Re: question about inetd.sec in Operating System - HP-UX

question about inetd.sec

lin.chen — Tue, 31 Oct 2006 04:55:26 GMT

usally I use inetd.sec to restrict some service about network,such as ftp and telnet,etc.
Now I have a question,does the inetd.sec can restrict all services list in /etc/services,or the inetd.sec only can restrict the service controlled by inetd.conf?
for example, if i want to restrict certain IP address to use database by inetd.sec,can I?

Re: question about inetd.sec

rariasn — Tue, 31 Oct 2006 05:05:27 GMT

Hi lin.chen

# man inetd.sec

...
Lines in inetd.sec beginning with # are comments. Comments are not
allowed at the end of a line of data.

The lines in the file contain a service name, permission field, and
the Internet addresses or official names of the hosts and networks
allowed to use that service in the local host. The fields in each
line are as follows:

service name is the name (not alias) of a valid service in file
/etc/services. The service name for RPC-based services (NFS) is the
name (not alias) of a valid service in file /etc/rpc. A service name
in /etc/rpc corresponds to a unique RPC program number.

rgs,

Re: question about inetd.sec

Peter Godron — Tue, 31 Oct 2006 05:06:25 GMT

Hi,
the /etc/services file specifies ports and protocols allowed to connect. Once you have allowed a connection on a port and set up the service to handle the requests, you can use inetd.sec to control further security.

Seem "man inetd.sec"
"The fields in each line are as follows:

service name is the name (not alias) of a valid service in file /etc/services."

Re: question about inetd.sec

Bob Ingersoll — Wed, 01 Nov 2006 14:40:52 GMT

umm, this isn't all that difficult to figure out. The first sentence of the inetd.sec manpage states:

"inetd.sec - optional security file for inetd"

inetd.sec restricts access ONLY to inetd services in /etc/services and /etc/rpc; not to other services.