Operating System - HP-UX

/etc/inetd.conf and /etc/services

 
Jessica_37
Occasional Contributor

What is the exact difference between the above config files? If I want to turn off the telnet, ftp, chargen... services, in which file should I comment out the specific daemon or services?

As far as I know, inetd.conf is the daemon started by inetd; if commented out, then inetd would not listen to it. How about if the services are started directly via /etc/services?

And will /etc/services definitely disable the services, because the port is closed if the line is commented out?

Can someone clarify, thanks a lot?
5 REPLIES
A. Clay Stephenson
Acclaimed Contributor

Re: /etc/inetd.conf and /etc/services

/etc/services will disable no services. Its purpose is simply mapping names to port numbers. All of your work needs to be done in the inetd.conf file by commenting out via a leading '#' or editing the lines that you want to change. You have still done nothing until you issue an inetd -c command which sends a SIGHUP to inetd telling it to reread its configuration file.
If it ain't broke, I can fix that.
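
An added example (not part of any reply in this thread) of the approach described above: list which inetd.conf entries are still active, then comment out selected services in a copy of the file. The function names `sample_conf`, `active_services` and `disable_services` are hypothetical, and every sample entry except the telnet line quoted in the thread is constructed.

```shell
#!/bin/sh
# Added example: audit an inetd.conf and comment out services in a COPY of it.
# Function names and all sample entries except the telnet line are constructed.

# Constructed sample inetd.conf (the telnet entry is the one quoted in the thread).
sample_conf() {
    cat <<'EOF'
# constructed sample, not a real system file
ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l
telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b /etc/issue
login stream tcp nowait root /usr/lbin/rlogind rlogind
chargen stream tcp nowait root internal
#daytime stream tcp nowait root internal
EOF
}

# List service names that inetd would still listen for (non-comment entries).
active_services() {
    awk '!/^[ \t]*#/ && NF >= 6 { print $1 }' "$1" | sort -u
}

# Print a copy of inetd.conf ($1) with the named services ($2...) commented
# out by a leading '#'. Lines that are already comments are left untouched.
disable_services() {
    conf=$1; shift
    awk -v list="$*" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) off[a[i]] = 1 }
        !/^[ \t]*#/ && ($1 in off) { print "#" $0; next }
        { print }
    ' "$conf"
}

demo() {
    tmp=${TMPDIR:-/tmp}/inetd.conf.demo.$$
    sample_conf > "$tmp"
    echo "active before: $(active_services "$tmp" | tr '\n' ' ')"
    disable_services "$tmp" telnet ftp chargen > "$tmp.new"
    echo "active after:  $(active_services "$tmp.new" | tr '\n' ' ')"
    rm -f "$tmp" "$tmp.new"
    # On a real host: diff the new file against /etc/inetd.conf, install it,
    # then run "inetd -c" so inetd rereads its configuration.
}
demo
```
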
Mel Burslan
Honored Contributor

Re: /etc/inetd.conf and /etc/services

Well, these two files work in conjunction, for lack of a better term.

Instead of running a daemon process for each port listening function, there is one process listening to all inbound requests, which is inetd. When a tcp or udp request comes in at a certain port, let's say another server is sending a telnet request to your server at port 23, inetd fields this request, understands that it is for port 23 and it is a tcp packet, refers to the /etc/services file and finds the service definition of a tcp request coming in at port 23 as such:
telnet 23/tcp # Virtual Terminal Protocol
so it understands that this is a telnet request. Then it goes to (MAKE A POINT HERE FOR FUTURE REFERENCE) /etc/inetd.conf and finds the action it needs to take for telnet, as such:

telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b /etc/issue

then launches/forks a process as :

telnetd -b /etc/issue

and hands the socket to this process and leaves the communication.

Coming back to our "POINT HERE" above: there is an additional inetd security check, which is referenced inside file /var/adm/inetd.conf

So, before it checks the inetd.conf file, it looks for the restrictions for telnet depending on the incoming IP address of the packet. If it is allowed per the inetd.sec rules, it continues as I explained above; if not, the other side will see a "connection refused" message and the connection terminates.

Hope this helps
________________________________
UNIX because I majored in cryptology...
Mel Burslan
Honored Contributor

Re: /etc/inetd.conf and /etc/services

Oh, before I forget: modifying any of these files requires a restart of inetd (or a re-read of these files).

Re-reading the files happens via running

/usr/sbin/inetd -c

but this sometimes does not yield effective results.

Best bet is killing and restarting inetd as follows

/usr/sbin/inetd -k
/usr/sbin/inetd -l

________________________________
UNIX because I majored in cryptology...
A. Clay Stephenson
Acclaimed Contributor

Re: /etc/inetd.conf and /etc/services

There is no need to kill inetd; all inetd's since the dawn of time respond to a kill -1 PID which is exactly what an inetd -c does.
If it ain't broke, I can fix that.
Bill Alger
Occasional Advisor

Re: /etc/inetd.conf and /etc/services

Jessica,

You are off to a good start. Disabling services not in use closes vulnerabilities and can improve the processing speed of a server.
I wanted to send you a list of services I recommend closing.
Please note you need direct console access if you shut down telnet.
I recommend loading SSH and using that to replace telnet and ftp.

The format in the services file should look like this (using ftp as an example):

Service not shut down:
ftp 21/tcp # ARPA file transfer protocol

Services shut down:
#ftp 21/tcp # ARPA file transfer protocol

^shell #
^login #
^exec #
^comsat #
^biff #
^talk #
^discard #
^daytime #
^systat #
^dtspc #
^printer #
^uucp #
^echo #
^chargen #
^imap #
^pop #
^finger #
^rpc.*rpc.rexd #
^rpc.*rpc.rstatd #
^rpc.*rpc.rwalld #
^rpc.*rpc.sprayd #
^rpc.*rpc.rusersd #
^rpc.*rpc.rquotad #
^rpc #
^http #
^nfsd #
^lockd #
^mountd #
^pcnfsd #
^rwalld #
^swat #
^ident #
^smtp #

If you have installed OpenSSH, you should consider disabling telnet and ftp with the following entries:

^telnet #
^ftp #
^tftp #
^sftp #
^bftp #

Here are some descriptions of these services: