
Re: How do I disable (close) ports?

Dmitriy Kropivnitskiy [jeld@mindless.com] wrote:
> [snip stuff which is correct]
> can point out that portmap, https, https, mysql etc cannot be stopped this 
> way. As for the inetd managed services you should comment stuff out of 
> inetd.conf or better disable inetd altogether.
In my opinion inetd (and better still xinetd) is a Good Thing (TM).  It allows
you to add access control lists easily to services which may not have a good
access control system, if they even have one.  It also allows you to write a
network program quickly without having to learn about network protocols
(really) and instead do everything through stdin/stdout.

Also it gives you a very nice way to add unpackaged services cleanly and
securely to your machine.  Also the program you are running only runs with
a certain user privilege and doesn't need to be root to bind to a port less
than 1024.

My preference is to use xinetd over statically loaded services.  However I do
only run Linux on a laptop and a small student flat server.  For services which
are constantly being started and stopped, (x)inetd is a bad idea.
Another thing is that (x)inetd saves memory and resources if you are only
occasionally using the server, as it only starts the service when it is needed.

Things not to run under inetd would be apache, mysql, etc.

have fun


/ Money is a powerful aphrodisiac. But \
| flowers work almost as well.         |
|                                      |
\ -- Lazarus Long                      /
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||
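
The stdin/stdout service model described in the message above, as an added example that is not part of the original post: a hypothetical line service, with the xinetd stanza that would start it as `nobody` on a port below 1024 and restrict clients with `only_from`. The service name, port, script path and addresses are assumptions.

```python
#!/usr/bin/env python3
"""Hypothetical stdin/stdout service for xinetd (added example).

Constructed stanza, e.g. /etc/xinetd.d/lineecho (name, port, path, net assumed):
    service lineecho
    {
        type        = UNLISTED
        port        = 999
        socket_type = stream
        protocol    = tcp
        wait        = no
        user        = nobody
        server      = /usr/local/sbin/lineecho.py
        only_from   = 127.0.0.1 192.168.1.0/24
    }
"""
import sys
import time

MAX_LINE = 256  # bound the request size

def respond(raw: bytes) -> bytes:
    """Map one request line to one reply line."""
    if len(raw) > MAX_LINE or not raw.endswith(b"\n"):
        return b"ERR line too long or unterminated\n"
    try:
        line = raw.decode("ascii").strip()
    except UnicodeDecodeError:
        return b"ERR ascii only\n"
    if not line.isprintable():
        return b"ERR control characters\n"
    cmd, _, arg = line.partition(" ")
    if cmd.upper() == "TIME":
        return time.strftime("%Y-%m-%dT%H:%M:%SZ\n", time.gmtime()).encode()
    if cmd.upper() == "ECHO":
        return arg.encode("ascii") + b"\n"
    return b"ERR unknown command\n"

def main() -> None:
    # xinetd passes the accepted connection as stdin/stdout: no socket code here.
    raw = sys.stdin.buffer.readline(MAX_LINE + 1)  # bounded read
    sys.stdout.buffer.write(respond(raw))
    sys.stdout.buffer.flush()

if __name__ == "__main__":
    main()
```

xinetd, running as root, binds port 999 and applies `only_from` before the script is ever started, so the script itself needs neither root nor its own access control code.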
