On Thu, Jul 06, 2000 at 09:56:11AM +0930, Mark Phillips wrote:
> Hi,
>
> I am a little confused about how the external services thing works.
>
> Suppose for example you want to allow external rlogins to your
> computer. I presume you modify the inetd.conf file to include the line:
>
> login stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rlogind
>
> Now when is this file read? Is it only when you do something like
> "/etc/init.d/inetd restart", or is it whenever an external machine
> asks to connect to one of your ports?
It's read every time inetd starts, or when you send inetd a "HUP"
signal, like "kill -hup `cat /var/run/inetd.pid`" or "/etc/init.d/inetd
reload".
> Now am I right in thinking that there is not an rlogin daemon running
> all the time, listening for rlogin connections? I think what happens
> is that inetd listens for connections, and then if it receives one for
> rlogin, it executes in.rlogind --- one for each incoming connection
> --- is that right?
Sort of. First it executes /usr/sbin/tcpd which applies rules found
in /etc/hosts.allow and /etc/hosts.deny.
> Now if the above is all correct, I'm still a little confused, because
> what about smtp? Currently I have the following line in inetd.conf
>
> #disabled#smtp stream tcp nowait mail /usr/sbin/exim exim -bs
>
> So it is disabled, yet mail still works on my system! Is this because
> it is handled through a different mechanism? I notice that I have the
> following process:
It's disabled in inetd ... doesn't mean it's disabled for the system!
> mail 286 0.0 0.3 2324 204 ? S Jun24 0:00 /usr/sbin/exim -bd -q30m
                                                           ^^
"Be a Daemon" - exim opens port 25 itself and forks off children as
connections arrive. inetd is out of the picture altogether.
> Which I am guessing does the job instead of inetd? If so, why do it
> this way instead of through inetd?
Daemons are fast - you skip the overhead of inetd! On the other hand,
sometimes inetd gives you more security (it depends on the service).
> Any clarifications of my understanding of these things would be much
> appreciated.
Hope this helps.
--
Nathan Norman "Eschew Obfuscation" Network Engineer
GPG Key ID 1024D/51F98BB7 http://home.midco.net/~nnorman/
Key fingerprint = C5F4 A147 416C E0BF AB73 8BEF F0C8 255C 51F9 8BB7
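
An added example, not part of the original message or of any project's code: a short Python audit that parses the inetd.conf lines and the ps line quoted in this thread, shows which services go through tcpd, and flags services that are disabled in inetd but whose binary is still running as a standalone daemon. The function names and sample strings are constructed for illustration, and only the "#disabled#" prefix shown in the thread is recognised.

```python
# Constructed sample input: the inetd.conf lines and the ps line quoted in this thread.
INETD_CONF = """\
login stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rlogind
#disabled#smtp stream tcp nowait mail /usr/sbin/exim exim -bs
# an ordinary comment
"""
PS_OUTPUT = "mail 286 0.0 0.3 2324 204 ? S Jun24 0:00 /usr/sbin/exim -bd -q30m\n"

FIELDS = ("service", "socktype", "proto", "wait", "user", "server")
OFF = "#disabled#"  # the only "switched off" marker handled here (assumption)


def parse_inetd_conf(text):
    """Return one dict per service line, keeping '#disabled#' lines as disabled entries."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        enabled = not line.startswith(OFF)
        if not enabled:
            line = line[len(OFF):].strip()
        parts = line.split()
        if line.startswith("#") or len(parts) < 6:
            continue  # blank line, ordinary comment, or malformed entry
        entry = dict(zip(FIELDS, parts[:6]), args=parts[6:], enabled=enabled)
        # When the server is tcpd, the real daemon is tcpd's first argument.
        entry["wrapped"] = entry["server"].endswith("/tcpd") and bool(entry["args"])
        entry["daemon"] = entry["args"][0] if entry["wrapped"] else entry["server"]
        entries.append(entry)
    return entries


def standalone_daemons(entries, ps_text):
    """Map services disabled in inetd to a running process that uses the same binary."""
    running = {}
    for proc in ps_text.splitlines():
        cols = proc.split(None, 10)  # column 11 of "ps aux" is the full command line
        if len(cols) == 11:
            running.setdefault(cols[10].split()[0], cols[10])
    return {e["service"]: running[e["daemon"]]
            for e in entries if not e["enabled"] and e["daemon"] in running}


if __name__ == "__main__":
    entries = parse_inetd_conf(INETD_CONF)
    for e in entries:
        state = "enabled" if e["enabled"] else "disabled in inetd"
        via = "via tcpd" if e["wrapped"] else "no tcpd wrapper"
        print(f'{e["service"]}: {state}, {via}, daemon {e["daemon"]}')
    for svc, cmd in standalone_daemons(entries, PS_OUTPUT).items():
        print(f"{svc}: still served by standalone process: {cmd}")
```

A service that shows up in the second list is not covered by tcpd's hosts.allow/hosts.deny check on the inetd path, so its access control has to come from the daemon's own configuration or a packet filter.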