System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

services daytime, time and ident

SOLVED
Go to solution
Carme Torca
Super Advisor

services daytime, time and ident

Hi,

I would like to know if this services (daytime, time and ident) are necessary to work in an hpux with and without cluster, because we have security people that want to eliminated this services.

Thank-you very much!
Carmen.

Users are not too bad ;-)
4 REPLIES
Johnson Punniyalingam
Honored Contributor
Solution

Re: services daytime, time and ident

>>>I would like to know if this services (daytime, time and ident) are necessary to work <<

http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1123907

>>in an hpux with and without cluster,<<

http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1394174


Thanks,
Regards,
Johnson
Problems are common to all, but attitude makes the difference
Dennis Handly
Acclaimed Contributor

Re: services daytime, time and ident

They are absolutely correct, you don't need these.
Horia Chirculescu
Honored Contributor

Re: services daytime, time and ident

Hello,

Please read this thread about identd:

http://bizsupport1.austin.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&taskId=110&prodSeriesId=3203314&prodTypeId=18964&objectID=c01680756

The rest of the services I believe can be safely stopped (even recommended becouse can be used for some kind of attack based on echo packets).

Horia.
Best regards from Romania,
Horia.
Matti_Kurkela
Honored Contributor

Re: services daytime, time and ident

"daytime" and "time" are not necessary. You can disable them.

"ident" is required/recommended for a Serviceguard cluster. This requirement depends on Serviceguard version; newer versions allow disabling it, but it's recommended to keep it running, as it improves Serviceguard security.

However, it needs to be available for cluster members only. You could use an inetd.sec file to implement this restriction.

See "man 4 inetd.sec".

Also, see the release notes of your Serviceguard version and/or Chapter 5 of the "Managing Serviceguard" manual, section "Managing the running cluster", heading "Disabling identd".

This whitepaper offers advice for securing Serviceguard and some more information about its use of the ident service:
http://docs.hp.com/en/5874/securingserviceguard0903.pdf

MK
MK