Re: best practice for updating inetd.conf with a user-chosen port?
"Giacomo A. Catenazzi" <email@example.com> writes:
> Francesco P. Lovergine wrote:
>> On Wed, Mar 11, 2009 at 04:56:20PM +0100, Giacomo A. Catenazzi wrote:
>>> how to had new services in /etc/services database?
>> Asking netbase maintainer(s)? Just read /etc/services about that.
> Hmm. Reading your and dato answers, it seems I wrote wrongly my mail.
> The question (still in subject) was how to have admin-chosen
> ports for some services. The first proposal was to dynamically change
> port in inetd configuration.
> I proposed to move the dynamic port in the "/etc/services" level, not
> necessary modifying such file, but in a way accessible to getservbyname(3).
> But now I'm not sure about:
> - if it is a good thing to have admin choosed ports
Many people run services on non standard ports to avoid password and
vulnerability scanners. The kind that repedatly tries to lock into
your sshd with stupid user/pass combos.
> - if /etc/services level is the right thing to do.
I don't think you can do this through /etc/services. Say I want my
proftpd to run on port 2121 so I change ftp to 2121. Now suddenly
applications would look for ftp.debian.org on port 2121.