HPE Community
Operating System - HP-UX
1827649 Members
3324 Online
109966 Solutions
New Discussion

inetd services

 
SOLVED
Go to solution
Daniel Neeves
Advisor

‎05-17-2004 03:34 AM

‎05-17-2004 03:34 AM

inetd services

Does anybody have any links to any docs on what each inetd service actually provides? I'm trying to get a security hardening project off the ground and the application guys want to know what each service is for before I can comment it out of the inetd.conf file, Any pointers much appreciated.

Dan
Like Ya Know !!
0 Kudos
Reply
11 REPLIES 11
Jeff_Traigle
Honored Contributor

‎05-17-2004 03:40 AM

‎05-17-2004 03:40 AM

Re: inetd services

How about the man pages for the various daemons specified in the inetd.conf file? (telnetd, ftpd, etc.) And for the internal services (identified in the HP supplied inetd.conf with a comment), look at the inetd man page.
--
Jeff Traigle
0 Kudos
Reply
Mel Burslan
Honored Contributor

‎05-17-2004 03:41 AM

‎05-17-2004 03:41 AM

Re: inetd services

Since inetd allows many services to be run through this daemon, I am not sure if you can find an exhaustive list of "which services do what" kind of a listing. Before commenting anything out, I would suggest looking into the utilization of /var/adm/inetd.sec to secure your inetd based connectivity. Shutting a service off is a bad way of securing a system, turning it off to the unauthorized people on IP address basis is a better mechanism in my opinion.
________________________________
UNIX because I majored in cryptology...
0 Kudos
Reply
Jeff_Traigle
Honored Contributor

‎05-17-2004 03:58 AM

‎05-17-2004 03:58 AM

Re: inetd services

I would disagree with Mel to a certain degree. Obviously, if you need a particular service running for some functional reason, it makes sense to secure it with inetd.sec. However, I fail to see why you would want to leave a service that you don't need available by leaving it on inetd.conf.
--
Jeff Traigle
0 Kudos
Reply
Doug Burton
Respected Contributor

‎05-17-2004 04:29 AM

‎05-17-2004 04:29 AM

Re: inetd services

I've tried to get this data as well. I put what I have here:
http://home.tampabay.rr.com/batcave/inetd_conf.htm
If you have any changes or additions please let me know (and yes, I think I'll go ahead and put Samba, OmniBack, etc. in it too. I just need the time to make the changes.)
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎05-17-2004 05:17 AM

‎05-17-2004 05:17 AM

Re: inetd services

One of the most fundamental rules in security: no defaults! Take away everything! Then add back specific services that are known to be needed (telnet, ftp) or switch to ssh and sftp for security. Avoid the 'r' commands (rlogin, remsh, rcp), and always turn off archaic services such as time, daytime, echo, uucp, discard, chargen. Turn off printer if your system is not going to be a printer server (it can still print but external computers can't use it as a server). Turn off finger as it is a security hole. bootps is needed only for specialized address assignment.


Bill Hassell, sysadmin
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎05-17-2004 05:46 AM

‎05-17-2004 05:46 AM

Re: inetd services

Here's some liks:

http://www.uwsg.iu.edu/usail/network/services/inetd.html

http://www.bb-zone.com/SLGFG/chapter11.html

http://www.busan.edu/~nic/networking/puis/ch17_01.htm

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
Sanjay_6
Honored Contributor

‎05-17-2004 05:54 AM

‎05-17-2004 05:54 AM

Re: inetd services

Hi Dan,

There is no single doc that can help you with all the daemons in the inetd.conf file. Each daemon should be having its own help file. The inetd.conf help file shows the syntax and the meaning for varios options / switched that are used for the daemons.

Other than the regular system daemons, while installing removing products on the system, we make changes to the inetd.conf file and some of the daemons that gets added to this file could be for some specific applications.

Hope this helps.

regds
0 Kudos
Reply
Rgomes
Valued Contributor

‎05-17-2004 06:57 AM

‎05-17-2004 06:57 AM

Solution

Re: inetd services

Hi Daniel,

I guess this would be a help.

regards,
Richard
Reply
generic_1
Respected Contributor

‎05-17-2004 01:56 PM

‎05-17-2004 01:56 PM

Re: inetd services

If and when you do make changes to this file remember to do a inetd -c to read in your changes :).
0 Kudos
Reply
Bharat Katkar
Honored Contributor

‎05-17-2004 05:03 PM

‎05-17-2004 05:03 PM

Re: inetd services

Hi daniel
You have got more information on inetd as of now what i would like to add in this:
Understand various files that are directly/indirectly related with inetd daemon.
1. /etc/services
2. /etc/protocols
3. /etc/inetd.conf
4. /usr/sbin/inetd
5. /sbin/init.d/inetd
6. /var/adm/inetd.sec
Command like:
1. /usr/sbin/inetd -c
2. /sbin/init.d/inetd start
3. /sbin/init.d/inetd stop

Then read more about TCP/IP protocol concepts and thier functionality.

Docs given by rgomes is very useful in understanding different port no and services/functions provided by that port.

Hope this helps

All the best

You need to know a lot to actually know how little you know
0 Kudos
Reply
Daniel Neeves
Advisor

‎05-17-2004 09:58 PM

‎05-17-2004 09:58 PM

Re: inetd services

Thanks Guys, points for all............

Dan
Like Ya Know !!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.