HPE Community
Operating System - HP-UX
1836611 Members
3675 Online
110102 Solutions
New Discussion

Identify /etc/inetd.conf services that can be disabled

 
SOLVED
Go to solution
Tim Ryan
Advisor

‎11-12-2001 11:43 AM

‎11-12-2001 11:43 AM

Identify /etc/inetd.conf services that can be disabled

I'd like to identify the services that aren't being used in /etc/inetd.conf and disable them. Is there an easy way to track what I'm using and what's safe to delete? I'm running in a MC/ServiceGuard environment and I don't want to disable any of my running packages functionalities.

Any ideas would be appreciated!
0 Kudos
Reply
8 REPLIES 8
harry d brown jr
Honored Contributor

‎11-12-2001 11:45 AM

‎11-12-2001 11:45 AM

Re: Identify /etc/inetd.conf services that can be disabled


http://people.hp.se/stevesk/bastion.html

live free or die
harry
Live Free or Die
Reply
James R. Ferguson
Acclaimed Contributor

‎11-12-2001 11:53 AM

‎11-12-2001 11:53 AM

Solution

Re: Identify /etc/inetd.conf services that can be disabled

Hi Tim:

You're free to disable what you don't want. 'echo', 'chargen', 'daytime' and 'discard' are good candidates for removal as they are most useful on test servers for socket and network developement and are potentially exploitable for ill. Do *not* disable services named 'hacl-'. These are your (H)gh-(A)vailability (CL)uster ones!

Regards!

...JRF...
Reply
Craig Rants
Honored Contributor

‎11-12-2001 11:57 AM

‎11-12-2001 11:57 AM

Re: Identify /etc/inetd.conf services that can be disabled

If you are interested in securing you box with this file, this link may be of interest.

Good Luck,
C
http://www.uwsg.indiana.edu/security/inetd.html
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
Reply
Bill Hassell
Honored Contributor

‎11-12-2001 12:06 PM

‎11-12-2001 12:06 PM

Re: Identify /etc/inetd.conf services that can be disabled

You can take the approach: nothing until proven that I need it. So comment out everything except telnet and ftp...later, you might add login/shell/exec (the 'r' commands) but it all depends on how secure you want to be. Leave out bootpd, finger, ntalk and ident as well as the rpc stuff unless you need it...but get a good reason.


Bill Hassell, sysadmin
Reply
Tim Ryan
Advisor

‎11-12-2001 12:12 PM

‎11-12-2001 12:12 PM

Re: Identify /etc/inetd.conf services that can be disabled

What is ident?

-Tim
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎11-12-2001 12:22 PM

‎11-12-2001 12:22 PM

Re: Identify /etc/inetd.conf services that can be disabled

Hi Tim:

From the man pages (1M) for 'identd':

"identd is a server which implements the TCP/IP proposed standard IDENT user identification protocol as specified in the RFC 1413 document.

identd operates by looking up specific TCP/IP connections and returning the user name of the process owning the connection."

Regards!

...JRF...
Reply
Roger Baptiste
Honored Contributor

‎11-12-2001 02:31 PM

‎11-12-2001 02:31 PM

Re: Identify /etc/inetd.conf services that can be disabled

<>

Identification protocol
To get live info on any port,
you can do
telnet portnumber

-raj
Take it easy.
Reply
Bill Hassell
Honored Contributor

‎11-12-2001 06:45 PM

‎11-12-2001 06:45 PM

Re: Identify /etc/inetd.conf services that can be disabled

Since ident provides information about user names on the target system, it is a security risk to leave it running. Same with fingerd.


Bill Hassell, sysadmin
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.