HPE Community
Operating System - HP-UX
1834811 Members
2193 Online
110070 Solutions
New Discussion

Re: inetd.conf

 
SOLVED
Go to solution
midham
Occasional Advisor

‎09-15-2004 07:09 PM

‎09-15-2004 07:09 PM

inetd.conf

Hi,

Base on our audit finding report, they ask me to disabled the following services:

1) tftp
2) login
3) shell
4) exec
5) daytime
6) time
7) discard
8) chargen

FYI we are using HPUX 11.0 and my questions are can/how do I disabled all those services? and does it affect our system?

Thanks a lot.
0 Kudos
6 REPLIES 6
KCS_1
Respected Contributor

‎09-15-2004 07:16 PM

‎09-15-2004 07:16 PM

Re: inetd.conf

Hi,

why don't you have a look at the man page of inetd.conf and inetd??

which will give you more detail

# man inetd.conf

Easy going at all.
0 Kudos
Sridhar Bhaskarla
Honored Contributor

‎09-15-2004 07:16 PM

‎09-15-2004 07:16 PM

Solution

Re: inetd.conf

Hi,

The answer is it depends. 2,3 and 4 are basically for r-commands. If your application does any kind of 'remsh|rlogin|rexec|rcp' type of stuff, then you may not want to disable them depending on the type of service. 5,6,7 and 8 can be turned off. They won't need the OS to perform and I do not believe they will be used by any OS. 'tftp' is trivial ftp. If your sysetm is acting as a tftp server (for ex., keeps the firmware|configuration etc., for routers etc.,), and if it is an ignite server then you need it. Otherwise, you can turn it off.

Simply edit /etc/inetd.conf file, comment them out and run 'inetd -c' to re-read the configuration. You should see 'deleted service' messages in /var/adm/syslog/syslog.log

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Sunil Sharma_1
Honored Contributor

‎09-15-2004 07:19 PM

‎09-15-2004 07:19 PM

Re: inetd.conf

Hi,

All these services can be disabled.
Just hash(#) the corresponding entry in /etc/inetd.conf file.

make sure no application/user uses these services before disabling services.

Sunil
*** Dream as if you'll live forever. Live as if you'll die today ***
0 Kudos
Muthukumar_5
Honored Contributor

‎09-15-2004 07:22 PM

‎09-15-2004 07:22 PM

Re: inetd.conf

Try to comments the services on /etc/services and as well as /etc/inetd.conf file.

( comment with in start with # )


Reconfigure the setup of inetd as,

inetd -c

Easy to suggest when don't know about the problem!
0 Kudos
T G Manikandan
Honored Contributor

‎09-15-2004 07:22 PM

‎09-15-2004 07:22 PM

Re: inetd.conf

Yes,you can disable them if you are hardening your OS.

Just commecnt the lines in the /etc/inetd.conf and then do a

#/usr/sbin/inetd -c
0 Kudos
midham
Occasional Advisor

‎09-15-2004 08:08 PM

‎09-15-2004 08:08 PM

Re: inetd.conf

Thanks for everyone who reply the message
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.