[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SLUG] Shouldn't have fiddled :(
It's Peter "A little knowledge is a dangeous thing" Vogel back again.
Inspired by the new millennium I thought I'd take
various people's advice and improve the security of my machine by
removing unwanted services. After editing inetd.conf I rebooted
and FTP, pop-3 and other things that should still work no longer worked.
So I put back my old inetd.conf, but even after reboot I still get these
errors (and looks like the tcp services are dead)
>From /var/log/messages when I reboot:
Jan 4 11:52:30 gateway inetd[293]: ftp/tcp: unknown service
Jan 4 11:52:31 gateway inetd[293]: telnet/tcp: unknown service
Jan 4 11:52:31 gateway inetd[293]: gopher/tcp: unknown service
Jan 4 11:52:31 gateway inetd[293]: shell/tcp: unknown service
Jan 4 11:52:31 gateway inetd[293]: login/tcp: unknown service
Jan 4 11:52:31 gateway inetd[293]: talk/udp: unknown service
Jan 4 11:52:31 gateway inetd[293]: ntalk/udp: unknown service
Jan 4 11:52:31 gateway inetd[293]: pop-3/tcp: unknown service
Jan 4 11:52:31 gateway inetd[293]: finger/tcp: unknown service
Jan 4 11:52:31 gateway inetd[293]: time/tcp: unknown service
Jan 4 11:52:31 gateway inetd[293]: time/udp: unknown service
Jan 4 11:52:31 gateway inetd[293]: linuxconf/tcp: unknown service
And netstat -a gives:
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 1 0 gateway.righthemis:1026 in3.prserv.net:25 TIME_WAIT
tcp 1 0 gateway.righthemis:1025 in1.prserv.net:25 TIME_WAIT
tcp 1 0 gateway.righthemis:1024 in4.prserv.net:25 TIME_WAIT
tcp 0 0 *:80 *:* LISTEN
tcp 0 0 *:25 *:* LISTEN
tcp 0 0 gateway.righthemisph:53 *:* LISTEN
tcp 0 0 localhost:53 *:* LISTEN
tcp 0 0 *:111 *:* LISTEN
udp 0 0 *:53 *:*
udp 0 0 gateway.righthemisph:53 *:*
udp 0 0 localhost:53 *:*
udp 0 0 *:111 *:*
raw 0 0 *:1 *:*
Active UNIX domain sockets (including servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ] STREAM 1856 /dev/log
unix 2 [ ] STREAM CONNECTED 1855
unix 1 [ ACC ] STREAM LISTENING 1651 /var/run/gpmctl
unix 1 [ ] STREAM 1644
unix 2 [ ] STREAM 1589 /dev/log
unix 2 [ ] STREAM CONNECTED 1588
unix 2 [ ] STREAM 1405 /dev/log
unix 2 [ ] STREAM 1404 /dev/log
unix 2 [ ] STREAM CONNECTED 1402
unix 2 [ ] STREAM CONNECTED 1369
unix 2 [ ] STREAM 1221 /dev/log
unix 2 [ ] STREAM CONNECTED 1220
unix 1 [ ACC ] STREAM LISTENING 1177 /dev/log
Here is my whole inetd.conf:
Note echo INETD.CONF READ does not echo to the screen; is that to be
expected?
#
# inetd.conf This file describes the services that will be available
# through the INETD TCP/IP super server.
echo INETD.CONF READ
#echo stream tcp nowait root internal
#echo dgram udp wait root internal
#discard stream tcp nowait root internal
#discard dgram udp wait root internal
#daytime stream tcp nowait root internal
#daytime dgram udp wait root internal
#chargen stream tcp nowait root internal
#chargen dgram udp wait root internal
#
# These are standard services.
#
ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
gopher stream tcp nowait root /usr/sbin/tcpd gn
# do not uncomment smtp unless you *really* know what you are doing.
# smtp is handled by the sendmail daemon now, not smtpd. It does NOT
# run from here, it is started at boot time from /etc/rc.d/rc#.d.
#smtp stream tcp nowait root /usr/bin/smtpd smtpd
#nntp stream tcp nowait root /usr/sbin/tcpd in.nntpd
#
# Shell, login, exec and talk are BSD protocols.
#
shell stream tcp nowait root /usr/sbin/tcpd in.rshd
login stream tcp nowait root /usr/sbin/tcpd in.rlogind
#exec stream tcp nowait root /usr/sbin/tcpd in.rexecd
talk dgram udp wait root /usr/sbin/tcpd in.talkd
ntalk dgram udp wait root /usr/sbin/tcpd in.ntalkd
#dtalk stream tcp waut nobody /usr/sbin/tcpd in.dtalkd
#
# Pop and imap mail services et al
#
#pop-2 stream tcp nowait root /usr/sbin/tcpd ipop2d
pop-3 stream tcp nowait root /usr/sbin/tcpd ipop3d
#imap stream tcp nowait root /usr/sbin/tcpd imapd
#
# The Internet UUCP service.
#
#uucp stream tcp nowait uucp /usr/sbin/tcpd /usr/lib/uucp/uucico -l
#
# Tftp service is provided primarily for booting. Most sites
# run this only on machines acting as "boot servers." Do not uncomment
# this unless you *need* it.
#
#tftp dgram udp wait root /usr/sbin/tcpd in.tftpd
#bootps dgram udp wait root /usr/sbin/tcpd bootpd
#
# Finger, systat and netstat give out user information which may be
# valuable to potential "system crackers." Many sites choose to disable
# some or all of these services to improve security.
#
# cfinger is for GNU finger, which is currently not in use in RHS Linux
#
finger stream tcp nowait root /usr/sbin/tcpd in.fingerd
#cfinger stream tcp nowait root /usr/sbin/tcpd in.cfingerd
#systat stream tcp nowait guest /usr/sbin/tcpd /bin/ps -auwwx
#netstat stream tcp nowait guest /usr/sbin/tcpd /bin/netstat -f inet
#
# Time service is used for clock syncronization.
#
time stream tcp nowait nobody /usr/sbin/tcpd in.timed
time dgram udp wait nobody /usr/sbin/tcpd in.timed
#
# Authentication
# auth stream tcp nowait nobody /usr/sbin/in.identd in.identd -l -e -o
#
# End of inetd.conf
linuxconf stream tcp wait root /bin/linuxconf linuxconf --http
What else might I have broken??
Thanks
Peter
--
SLUG - Sydney Linux Users Group Mailing List - http://www.slug.org.au
To unsubscribe send email to slug-request@nospam.slug.org.au with
unsubscribe in the text