disabling services

[Kevin Buettner]

On Jul 5, 12:09pm, Don Harrop wrote:

> In order to disable some services (like telnet) after I've got SSH up and
> working I have been commenting out the telnet lines in /etc/services.  When
> I do it this way though it keeps me from even using the telnet service
> myself (to telnet out).  What's the best way to disable services that run in
> the inet super server?

Set up some firewall rules (using one of ipfwadm, ipchains, or
netfilter) to simply block access to the ports that you want to
disable.  You can set it up to only block access from the outside thus
enabling you to continue using these services internally.

BTW, the URL for netfilter (which'll replace ipchains in 2.4) is

    http://netfilter.kernelnotes.org/

The other way to do it is to use the tcp_wrappers package to filter
incoming requests for network services.

Kevin