HPE Community
Operating System - HP-UX
1834931 Members
2565 Online
110071 Solutions
New Discussion

Re: Securing /etc/inetd.conf /etc/services + simple question

 
SOLVED
Go to solution
Daniel Simard
Frequent Advisor

‎05-29-2003 10:21 AM

‎05-29-2003 10:21 AM

Securing /etc/inetd.conf /etc/services + simple question

Hi!
I am currently working on securing my /etc/inetd.conf file and /etc/service. Here are my little questions.

Could you give me the best url for a list of ALL ports/services and their functionality (if we need them opened or not).

Also, I was wondering if you could tell me what the following service does.

registrar stream tcp nowait root /etc/opt/resmon/lbin/registrar /etc/opt/resmon/lbin/registrar

I see tons and tons of registrar entries in my syslog and I was wondering if I can simply disable this service. Is this service needed for EMS to work ?
Si tu n'as pas ce que tu aimes, aimes ce que tu as.
0 Kudos
Reply
6 REPLIES 6
Paula J Frazer-Campbell
Honored Contributor

‎05-29-2003 10:32 AM

‎05-29-2003 10:32 AM

Solution

Re: Securing /etc/inetd.conf /etc/services + simple question

Hi

Ports here:-

http://www.opendoor.com/doorstop/ports.html

Have a look at ems setup - are there any errors with this entry in syslog?

Paula
If you can spell SysAdmin then you is one - anon
Reply
Paula J Frazer-Campbell
Honored Contributor

‎05-29-2003 10:36 AM

‎05-29-2003 10:36 AM

Re: Securing /etc/inetd.conf /etc/services + simple question

Sorry that ports list was mac biased.
If you can spell SysAdmin then you is one - anon
Reply
James R. Ferguson
Acclaimed Contributor

‎05-29-2003 10:37 AM

‎05-29-2003 10:37 AM

Re: Securing /etc/inetd.conf /etc/services + simple question

Hi Daniel:

You can gain quite a bit of insight into ports and services that can be disabled (notably the "little TCP" services like 'echo', 'chargen', etc. by reading this classic whitepaper:

http://www.hp.com/products1/unix/operating/infolibrary/whitepapers/building_a_bastion_host.pdf

As for 'registrar', it is a part of EMS.

Regards!

...JRF...
Reply
Paula J Frazer-Campbell
Honored Contributor

‎05-29-2003 10:45 AM

‎05-29-2003 10:45 AM

Re: Securing /etc/inetd.conf /etc/services + simple question

Port numbers here:-

http://www.iana.org/assignments/port-numbers


James -- registrar in syslog ? some thing I havent seen.

Paula
If you can spell SysAdmin then you is one - anon
Reply
S.K. Chan
Honored Contributor

‎05-29-2003 10:50 AM

‎05-29-2003 10:50 AM

Re: Securing /etc/inetd.conf /etc/services + simple question

I'll answer the "registrar" related question. Leave it on if you're enabling EMS to monitor your system hardware. If you disable it, you'll have problem with EMS, that is you may not get notified if EMS sees any hardware problem. I've seen it EMS broke because this was commented in inetd.conf. How do these logged entries looked like in your syslog.log ?
Reply
Sridhar Bhaskarla
Honored Contributor

‎05-29-2003 10:51 AM

‎05-29-2003 10:51 AM

Re: Securing /etc/inetd.conf /etc/services + simple question

Hi,

Whenever a query is made to view the resources configured under EMS, registrar is used to report the information. For ex.,

$resls /system/status/cpu/lpmc
contacting Registrar on xxxxxxx
..
.


If you are using EMS monitors inside ServiceGuard, then do not disable this service.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.