Hi Mike,
Prevent screwing yourself on any change: make a backup copy of any file
before you change it:
cd /etc
cp inetd.conf inetd.conf.060804
vi inetd.conf
/etc/init.d/inetd restart
:
:
:
<here you recognize you are screwed>
cd /etc
cp inetd.conf.060804 inetd.conf
/etc/init.d/inetd restart
# Back to prechange status!!!
With regards to the contents of /etc/inetd.conf, you probably don't need
anything in it. To disable a service, put a hash (#) in front of the
line - no need to surround it with hashes. I suggest commenting out the
whole file, then restarting inetd. Evaluate the functionality of your
system. If you lost some functionality (maybe you DID need that FTP
server), then remove the hash on that line and restart inetd.
Remember - not all of your services come from inetd - some are
stand-alone daemons, like mail and web service.
How to determine what services are running:
netstat -a | grep LIST
How to determine what services are provided by inetd:
grep -v "^#" /etc/inetd.conf
How to determine that process is providing a particular service:
lsof -i :<port> | grep LIST
where <port> is the number of the service from /etc/services.
Example:
donelle:/etc/cron.d # lsof -i :22 | grep LIST
sshd 472 root 3u IPv6 932 TCP *:ssh (LISTEN)
How to determine established connections to your machine:
netstat -a | grep EST | grep <port>
where <port> is the number of the service from /etc/services.
- or -
lsof -i :<port> | grep EST
where <port> is the number of the service from /etc/services.
--
George Toft
CISSP, MSIS
CTO/Computer Security
AGD,LLC
www.agdllc.com
623-203-1760
Michael Havens wrote:
>
> Well, I found a book that tells how to make it so services don't start. I
> figured I would ask before I screwed myself since I am modifying
> /etc/inetd.conf
>
> I got this line:
> #<off># netbios-ssn stream tcp nowait root /usr/sbin/tcpd #/usr/sbin/smbd#
> and I think placing the # around things comments things off and then on again.
> Am I correct? I think I need samda off so I edited the last entry.
>
> What about this line:
> printer stream tcp nowait lp #/usr/lib/cups/daemon/cups-lpd cups-lpd#
> I donot have a printer at the moment but am planning on getting one. Should I
> remove the #s which I inserted?
>
> How about this line:
> #<ftp-off>#ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/proftpd
> #<disabled> ftp# stream tcp nowait root /usr/sbin/tcpd /usr/sbin/vsftpd
> is there a reason I need ftp enabled? Should I also comment out vsftp?
>
> Then there is:
> #echo stream tcp nowait root internal
> #echo dgram udp wait root internal
> #chargen stream tcp nowait root internal
> #chargen dgram udp wait root internal
> which, if my idea about the # is correct, is commented out
> According to the text I am using chargen and echo are uneccessay and should be
> commented out.
>
> Please advise.
> --
> <:-)Mike(-:>
>
> I wanted to include the text I am reading as a footnote for you to use as
> refrence. Unfortunately I am unable to because I don't know how to copy text
> out of ghostview.
>
> This message has been scanned for viruses by the VEI Internet
> Automatic Email Spam and Virus Scanner, and is believed to be free of spam or viruses.
> Please report spam to spamtrap@vei.net. If you would like 98.9 % spam blocked from your
> E-mail then go to VEI Internet for details. Anti-spam/Anti-virus is FREE with every account.
>
> http://www.vei.net/
> mailtospamtrap@vei.net
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)