Re: r- commands needs to be disabled

shameemsoft · ‎12-26-2009

Dear,

I need to disable following r-commands on hp ux 11.31

/usr/bin/rcp
/usr/bin/rsh
/usr/bin/rdate
/usr/bin/rdist
/usr/bin/rpcinfo
/usr/bin/rup
/usr/bin/ruptime
/usr/bin/rusers
/usr/bin/rwho

Below lines in /etc/inetd.conf are dealing with first two services.

login stream tcp nowait root /usr/lbin/rlogind rlogind
shell stream tcp nowait root /usr/lbin/remshd remshd
exec stream tcp nowait root /usr/lbin/rexecd rexecd

It is already disabled.

I need to check other commands except first three commands

Is it related to below lines in /etc/inetd.conf file?

#rpc stream tcp nowait root /usr/sbin/rpc.rexd 100017 1 rpc.rexd
#rpc dgram udp wait root /usr/lib/netsvc/rstat/rpc.rstatd 100001 2-4 rpc.rstatd
#rpc dgram udp wait root /usr/lib/netsvc/rusers/rpc.rusersd 100002 1-2 rpc.rusersd
#rpc dgram udp wait root /usr/lib/netsvc/rwall/rpc.rwalld 100008 1 rpc.rwalld
#rpc dgram udp wait root /usr/sbin/rpc.rquotad 100011 1 rpc.rquotad
#rpc dgram udp wait root /usr/lib/netsvc/spray/rpc.sprayd 100012 1 rpc.sprayd

Kindly clarify on this.

Michal Kapalka (mikap) · ‎12-26-2009

hi,

it should be ok now.

mikap

shameemsoft · ‎12-26-2009

Dear

Thanks for your response.

Other than first three commands is related with all rpc entries in /etc/inetd.conf?

Sorry to ask again since i need to confirm this to our security team.

Thanks

Michal Kapalka (mikap) · ‎12-27-2009

hi,

from the inetd.conf

##
#
# rpc services, registered by inetd with portmap
# Do not uncomment these unless your system is running portmap!
#
##
# WARNING: The rpc.mountd should now be started from a startup script.
# Please enable the mountd startup script to start rpc.mountd.
##
#rpc stream tcp nowait root /usr/sbin/rpc.rexd 100017 1 rpc.rexd
#rpc dgram udp wait root /usr/lib/netsvc/rstat/rpc.rstatd 100001 2-4 rpc.rstatd
#rpc dgram udp wait root /usr/lib/netsvc/rusers/rpc.rusersd 100002 1-2 rpc.rusersd
#rpc dgram udp wait root /usr/lib/netsvc/rwall/rpc.rwalld 100008 1 rpc.rwalld
#rpc dgram udp wait root /usr/sbin/rpc.rquotad 100011 1 rpc.rquotad
#rpc dgram udp wait root /usr/lib/netsvc/spray/rpc.sprayd 100012 1 rpc.sprayd
#rpc xti tlcotsod wait root /usr/lib/gss/gssd 100234 1 gssd

snip from /etc/rc.config.d/nfsconf ==>

#
# rpc.mountd configuration. See mountd(1m)
#
# START_MOUNTD: 1 if rpc.mountd should be started by a system startup script.
# 0 if /etc/inetd.conf has an entry for mountd.
# Note: rpc.mountd should be started from a system startup script,
# however, it can be started from either nfs.server or inetd, and
# MUST only be configured in one place.
#
START_MOUNTD=1

mikap

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: r- commands needs to be disabled

r- commands needs to be disabled