HPE Community
Operating System - HP-UX
1834149 Members
2298 Online
110064 Solutions
New Discussion

Perfview and inetd.conf services

 
SOLVED
Go to solution
Bolek Mynarski
Frequent Advisor

‎11-16-2001 07:31 AM

‎11-16-2001 07:31 AM

Perfview and inetd.conf services

I am trying to secure my HP-UX systems so I started by doing the obvious: turning off all unnecessary services in inetd.conf file. However, after doing so, perfview stops working. My question is, which services in inetd.conf are used by perfview?

Thanks.
It'snever too late to learn new things...
0 Kudos
Reply
6 REPLIES 6
Ian Dennison_1
Honored Contributor

‎11-16-2001 07:38 AM

‎11-16-2001 07:38 AM

Re: Perfview and inetd.conf services

Check /etc/services for PV*; I found 'pvserver' and 'pvalarm' (382 and 383).

Cheers, Ian
Building a dumber user
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎11-16-2001 07:42 AM

‎11-16-2001 07:42 AM

Re: Perfview and inetd.conf services

If you are securing a WEB server, then you should not open up any ports, but this means you will have to find an alternative method, say tape backups to move the perfview data.

Are you following these docs?:

http://people.hp.se/stevesk/bastion.html


live free or die
harry
Live Free or Die
0 Kudos
Reply
Roger Baptiste
Honored Contributor

‎11-16-2001 07:44 AM

‎11-16-2001 07:44 AM

Solution

Re: Perfview and inetd.conf services

<>

Obviously, some were not so unnecessary ;-)
The first suspects would be rpc* related services. Reenable them are restart inetd.

Is Measureware running on the system?
mwa status -?
Restart measureware.

Also run #perfstat and see what the status is.

If error persists, pls post the error message.

HTH
raj
Take it easy.
Reply
harry d brown jr
Honored Contributor

‎11-16-2001 07:49 AM

‎11-16-2001 07:49 AM

Re: Perfview and inetd.conf services

When MeasureWare Agent is sending alarms to PerfView, the protocol used to connect to port 135 on the PerfView system was changed from UDP to TCP, regardless of the version of PerfView. If you previously had MeasureWare Agent communicating to PerfView through a firewall, port 135/UDP was open in the firewall. This must be changed in the firewall configuration to open port 135/TCP.

http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B4967-90033/B4967-90033_top.html&con=/hpux/onlinedocs/B4967-90033/00/00/5-con.html&toc=/hpux/onlinedocs/B4967-90033/00/00/5-toc.html&searchterms=perview&queryid=20011116-074943

By default, MeasureWare Agent uses dynamically allocated socket port numbers for interprocess communication. To communicate through a packetfiltering network firewall, you must configure the MeasureWare Agent servers
to use statically defined port numbers.

http://docs.hp.com/hpux/pdf/B4967-90044.pdf

live free or die
harry
Live Free or Die
0 Kudos
Reply
Bolek Mynarski
Frequent Advisor

‎11-16-2001 07:52 AM

‎11-16-2001 07:52 AM

Re: Perfview and inetd.conf services

Hi RajMan,

That was the first thing I did. Of course, after doing it, re-reading inetd.conf and restarting measureware, it came back on line but which of rpc services it's using? What I have are these:

-rpc xti tcp
-rpc dgram udp
-recserv stream tcp
-registrar stream tcp


From the previous post, it appears that it uses TCP protocol, so I guess, I can rule rpc dgram udp out. If that's the case, the only rpc service left would be xti. It's too bad that there is no comment in inetd.conf saying that this service is used by pefview (or for that matter in a documentation. But to be fair, I wasn't looking too hard).

P.S. I have also noticed that if you disable ident, perfview will stop working too...
It'snever too late to learn new things...
0 Kudos
Reply
Roger Baptiste
Honored Contributor

‎11-16-2001 07:55 AM

‎11-16-2001 07:55 AM

Re: Perfview and inetd.conf services

hi,

To figure out what services it is using, you can do

Before starting the application (perfview here)
do netstat -a >/tmp/netstat.before

Start the application and then
do netstat -a >/tmp/netstat.after

and check the difference to see which ports are being used.
Also, you can trace the processes through glance and see what Files(ports) it has opened.

HTH
raj
Take it easy.
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.