HPE Community
Operating System - HP-UX
1834391 Members
1643 Online
110066 Solutions
New Discussion

diabling identd

 
Amy_18
New Member

‎04-05-2003 11:26 AM

‎04-05-2003 11:26 AM

diabling identd

I work for a company whose products run HP-UX 10.20. Recently, one of our customers ran some network security scanning program that identified problems with the way the computer was configured. I have managed to make all of the warnings go away except this one about identd.

"Ident daemon can be used to remotely gather servers' running usernames." The suggested remedy is to disable identd.

After reading through these forums, I thought I had the solution, but a rescan showed I was not successful. This is what I have done.

Commented out the line in /etc/inetd.conf that started with auth (there wasn't one that started with ident, but the auth line called /usr/lbin/identd) and ran identd -c.

Please let me know if there is something else I need to do. Since the vulnerability level of this problem is low, the customer is satisfied with the setup, but it's driving me crazy. Thanks.
0 Kudos
Reply
3 REPLIES 3
Patrick Wallek
Honored Contributor

‎04-05-2003 11:38 AM

‎04-05-2003 11:38 AM

Re: diabling identd

You said "Commented out the line in /etc/inetd.conf that started with auth (there wasn't one that started with ident, but the auth line called /usr/lbin/identd) and ran identd -c."

Hopefully you meant you ran 'inetd -c' after you finished. If you didn't do that, then do it now.

Commenting something out in inetd.conf and having inetd rescan it's config file should solve your problem.

You might also want to check the /etc/services file and comment out any identd or auth entry there too. The do an 'inetd -c' again.
0 Kudos
Reply
Duncan Edmonstone
HPE Pro

‎04-05-2003 11:40 AM

‎04-05-2003 11:40 AM

Re: diabling identd

Amy,

Is that a typo, or did your really run 'identd -c'. That wouldn't stop identd from running! If you really ran 'inetd -c' though (which would cause the inetd daemon to re-read the inetd.conf file) then that should stop the identd daemon from running.

HTH

Duncan

I am an HPE Employee
Accept or Kudo
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎04-05-2003 06:28 PM

‎04-05-2003 06:28 PM

Re: diabling identd

To stop the daemon temporarily inetd -k

To keep it from running at startup.

cd /sbin/rc3.d

remove the soft link that includes the name inetd

Of course if you do that you might have some trouble working with your box.

I'd recommend installing Secure shell to replace some of the important services that inetd. provides. ftp, ssh replaces secure shell. You'll want to read the docs on how use the services first.

A link to the free software is included. For 10.20 you'll have to actually compile the software.

Here you go.

http://hpux.cs.utah.edu/hppd/hpux/Networking/Admin/openssh-3.6.1p1/

Good luck.

BTW, inetd can be made secure with access limits in a file called /var/adm/inetd.sec

This lets you specify what IP addresses can use services. You can make things pretty secure that way.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.