disabled in xinetd doesn't work?
Hello,
I have spent a fair amount of time trying to limit access to my
desktop. One thing I have done is switched over to xinetd and I have
moved most services into xinetd.conf.
Aug 18 11:03:48 c119756-b xinetd[27786]: xinetd Version 2.1.8.8p3 started with
Aug 18 11:03:48 c119756-b xinetd[27786]: libwrap
Aug 18 11:03:48 c119756-b xinetd[27786]: options compiled in.
Aug 18 11:03:48 c119756-b xinetd[27786]: Started working: 16 available
services
One of the things I have tried is to use the disabled= keyword in the
default section, but it doesn't seem to work. Above is part of
daemon.log when I start xinetd and here is the defaults section
of xinetd.conf:
# This file generated by xconv.pl, included with the xinetd
# package. xconv.pl was written by Rob Braun (bbraun@synack.net)
[...]
# The defaults section sets some information for all services
defaults
{
#The maximum number of requests a particular service may handle
# at once.
instances = 10
# The type of logging. This logs to a file that is specified.
# Another option is: SYSLOG syslog_facility [syslog_level]
log_type = FILE /var/log/servicelog
# What to log when the connection succeeds.
# PID logs the pid of the server processing the request.
# HOST logs the remote host's ip address.
# USERID logs the remote user (using RFC 1413)
# EXIT logs the exit status of the server.
# DURATION logs the duration of the session.
log_on_success = PID
# What to log when the connection fails. Same options as above
log_on_failure = HOST RECORD
# Deny everything
# Commented out because I don't know how it works with oidentd
only_from =
# The maximum number of connections a specific IP address can
# have to a specific service.
per_source = 5
# Internally disabled
disabled = time daytime chargen discard servers services xadmin
}
[It goes on from here...]
Any idea why this is not working? As with other questions I have had
concerning my use of Debian, I am trying to do this, while maintaining
compatability with the package system.
Thanks for any suggestions.
Brian Flaherty
--
/"\
\ / ASCII RIBBON CAMPAIGN
X AGAINST HTML MAIL
/ \
Reply to: