Operating System - HP-UX

Re: Internet Services deactivation !

Ivan Azuara
Regular Advisor

Internet Services deactivation !

Hi !

I want to deactivate the following services on my HP-UX server:

- smtp
- pop3
- printer
- telnet

I don't need those services running on my server. The connections to this server use ssh. I had thought of commenting out the corresponding lines for each service in the /etc/services file and in the /etc/inetd.conf file.

Is that enough, or do I need to consider other things?


Thanks in advance!
"Enjoy the life .."
6 REPLIES
Jeff Schussele
Honored Contributor
Solution

Re: Internet Services deactivation !

Hi Ivan,

OK

smtp => first run /sbin/init.d/sendmail stop, then edit /etc/rc.config.d/mailservs & set SENDMAIL_SERVER=0

pop3 => refer to your pop3 server/client manual

printer => in /etc/inetd.conf comment out the line that starts printer .....

telnet => same as printer except comment out line starting with telnet .....

for the last two you must also run
inetd -c
for the changes to take effect.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
Steven E. Protter
Exalted Contributor

Re: Internet Services deactivation !

In Linux, you can control pop3 through its inetd.conf which is called xinetd.conf, or through its extensions.

Not so in HP-UX. /etc/services is like a reservation system, it lets you know what the port is for but simply commenting something out there doesn't finish the job.

Since you're using ssh, I'm attaching a guide for exchanging public keys and enabling connections without passwords.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Re: Internet Services deactivation !

This sounds like a good start to hardening your system. You might think about a hardening tool to automate the process. Bastille has been ported to HP-UX and it will walk you through the process of disabling unneeded services on your system. It's available on software depot for FREE.

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6849AA
Ivan Azuara
Regular Advisor

Re: Internet Services deactivation !

I'm trying to download the HP-UX Bastille software from the HP website, but it isn't available.

Does somebody know of another place where I can download this software?

I forgot to attach all the ports in my last message, they are:

- smtp
- pop3
- login
- shell
- printer

I finished the deactivation of the "telnet, smtp and printer" ports. Can I use the same recommendations to deactivate the shell, login and pop3 ports?


Thanks in advance!
"Enjoy the life .."
Bill Hassell
Honored Contributor

Re: Internet Services deactivation !

Probably looking in the wrong place...start in:

http://software.hp.com

(this is for a *lot* of different software products) and select the "internet and security solutions" line. About halfway down the page (or use CTRL-f to search for "secure"), you'll see this link:

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=T1471AA

You probably want to comment out a number of other (virtually unused and archaic) services in inetd.conf:

uucp ntalk ident daytime time echo discard chargen

Then depending on what your system is doing, look at commenting out:

tftp bootps finger exec printer kshell klogin dtspc recserv

As mentioned, just comment them out (and leave them in the inetd.conf for future reference), use inetd -c to change the current system and then look at the end of syslog.log for confirmation that the services were stopped.


Bill Hassell, sysadmin
Oleg Zieaev_1
Regular Advisor

Re: Internet Services deactivation !

Hello.

Comment out the corresponding lines in /etc/inetd.conf and force inetd to re-read the config file, i.e. inetd -c.
Check for confirmation in syslog. This is enough. You can also use telnet from a remote system to verify you get a connection rejected message.
If your concern is security - run iss or knocker to check for the remote/local system's open ports. Once you are done, the related ports will not be reported as open on your system.

Hope this helps.
-0leg
Professionals will prevail ...
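
The comment-out step described in the replies from Bill Hassell and Oleg, as an added example that is not part of any post in this thread: it works on a copy of inetd.conf, disables the named services while leaving the lines in place, and lists what is still enabled so the remainder can be reviewed. The function names, the temporary file path and the sample inetd.conf lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: disable inetd services by commenting them out in a copy.

# comment_out_services FILE SERVICE...
# Print FILE with '#' prefixed to every active line whose first field is a
# named service. Lines stay in place for future reference.
comment_out_services() {
    conf=$1; shift
    awk -v list="$*" '
        BEGIN { n = split(list, s, " "); for (i = 1; i <= n; i++) off[s[i]] = 1 }
        /^[ \t]*#/  { print; next }           # already commented: leave alone
        ($1 in off) { print "#" $0; next }    # matches tcp and udp entries
        { print }
    ' "$conf"
}

# enabled_services FILE
# Print the service names that are still active, sorted, on one line.
enabled_services() {
    awk '!/^[ \t]*(#|$)/ { print $1 }' "$1" | sort -u | paste -s -d ' ' -
}

# Constructed sample in inetd.conf syntax (illustrative, not from a real host).
write_sample() {
    cat > "$1" <<'EOF'
ftp     stream tcp nowait root /usr/lbin/ftpd      ftpd -l
telnet  stream tcp nowait root /usr/lbin/telnetd   telnetd
login   stream tcp nowait root /usr/lbin/rlogind   rlogind
shell   stream tcp nowait root /usr/lbin/remshd    remshd
printer stream tcp nowait root /usr/sbin/rlpdaemon rlpdaemon -i
daytime stream tcp nowait root internal
daytime dgram  udp nowait root internal
#finger stream tcp nowait bin  /usr/lbin/fingerd   fingerd
EOF
}

sample=${TMPDIR:-/tmp}/inetd.conf.sample.$$
write_sample "$sample"
comment_out_services "$sample" telnet login shell printer daytime > "$sample.new"
echo "before: $(enabled_services "$sample")"
echo "after:  $(enabled_services "$sample.new")"
# On the real host: review the diff, install the new file as /etc/inetd.conf,
# run "inetd -c", then check the end of syslog.log as described in the thread.
```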