Re: inetd questions
Simple rule for tightening a machine, if you don't know what it does,
disable..as for all the things you mentioned, you will be able to disable
them without a problem.
The command lsof can help with finding out what process is accessing what
ports. Also running ps -ef and looking at all the process' running on your
machine, if you are unsure about a process find out what it does...do you
really need it? If you look and see things you don't know a man "process
name" ususally helps.
Cheers,
Stewart James
On Mon, 30 Jul 2001, Nate Bargmann wrote:
> Date: Mon, 30 Jul 2001 22:20:13 -0500
> From: Nate Bargmann <n0nb@networksplus.net>
> To: debian-security@lists.debian.org
> Subject: inetd questions
> Resent-Date: Tue, 31 Jul 2001 13:22:42 +1000 (EST)
> Resent-From: debian-security@lists.debian.org
>
> Hi All.
>
> Recently some members of my LUG were cracked on their dial-up machines.
> With that in mind, I've taken it upon myself to tighten things up and
> understand what the system is doing. A recuring mystery to me is some
> of the services enabled/disabled in /etc/inetd.conf. In particular, how
> critical are the internal services of echo, chargen, discard, daytime,
> and time. Which of these are security risks and which are necessary for
> a smooth running network?
>
> Many texts say something like, "disable unneeded services in inetd.conf"
> which is great advice, until one is unsure what is needed. Most of the
> other services are self explanatory.
>
> A second question. I have performed some nmap scans on my machines and
> noted a couple ports listed as unkown services. How can I indetify
> these mysteries either by cross referencing them to a PID or by some
> other means.
>
> Thanks,
>
> - Nate >>
>
>
Reply to: