
Turning off services



I am trying to learn a little more about just what daemons I need
running for the system to work and what I can do without.

Now, when I installed Debian, I told dselect to not install things like:
ftpd, telnetd, fingerd, talkd, and identd.  From memory, the installer
wanted to put these on by default.  Anyway, I told it not to.  I also
have a firewall (iptables) which blocks all ports on the external
interface unless the packets are part of an already established
transmission (initiated from my computer).

Now, if I go through my /etc/rc2.d directory and look at all the things
getting started, there are only the following:
S10sysklogd       S20cupsys   S20inetd    S20postfix  S99rmnologin
S12kerneld        S20gpm      S20logoutd  S89atd
S15firewall_deny  S20hotplug  S20makedev  S89cron
The firewall_deny is just my firewall script.
So the only daemons that can be connected to I think are:
cupsys, inetd, and postfix

Now, I can read through the manual on securing cups and postfix (I
think).  But how do I go about inetd?

My inetd.conf looks like:
-----------------------------------------------------------------------
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#
#:INTERNAL: Internal services
#echo           stream  tcp     nowait  root    internal
#echo           dgram   udp     wait    root    internal
#chargen        stream  tcp     nowait  root    internal
#chargen        dgram   udp     wait    root    internal
discard         stream  tcp     nowait  root    internal
discard         dgram   udp     wait    root    internal
daytime         stream  tcp     nowait  root    internal
#daytime        dgram   udp     wait    root    internal
time            stream  tcp     nowait  root    internal
#time           dgram   udp     wait    root    internal

#:STANDARD: These are standard services.

#:BSD: Shell, login, exec and talk are BSD protocols.

#:MAIL: Mail, news and uucp services.
#disabled#smtp          stream  tcp     nowait  mail    /usr/sbin/exim exim -bs

#:INFO: Info services

#:BOOT: Tftp service is provided primarily for booting.  Most sites
# run this only on machines acting as "boot servers."

#:RPC: RPC based services

#:HAM-RADIO: amateur-radio services

#:OTHER: Other services
-----------------------------------------------------------------------

So, I am not sure just what I need and what I don't.  I know my firewall
blocks it all - but I still want to understand what all this stuff in
inetd is for.  I am just a little confused about the inetd.conf file.
Normally, a # is used to comment out things.  But, when I had exim
(instead of postfix) the Mail line looked like:
#smtp          stream  tcp     nowait  mail    /usr/sbin/exim exim -bs
But exim would get run through inetd.  So it wasn't commented out?  Then
when I installed postfix, the installer changed the line to what it is
now (with "#disabled" in front).

Also, what are discard, daytime and time for?  Do I need them?  If I
comment them out will that stop the OS from accessing the hardware
clock?

Thanks for educating me.

Mark.
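
An added example, not part of the original post: shell functions that separate the entries inetd will listen for from the ones that are switched off, run over lines copied from the inetd.conf quoted above. The function names are hypothetical; the rule applied is the standard inetd.conf convention that a line starting with # is a comment.

```sh
#!/bin/sh
# Added example (not from the post): audit which inetd.conf entries are live.
# Function names are hypothetical. Real use: active_inetd_services < /etc/inetd.conf

# Lines copied from the inetd.conf quoted in the post (blank lines trimmed).
sample_conf() {
cat <<'EOF'
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#:INTERNAL: Internal services
#echo           stream  tcp     nowait  root    internal
#chargen        dgram   udp     wait    root    internal
discard         stream  tcp     nowait  root    internal
discard         dgram   udp     wait    root    internal
daytime         stream  tcp     nowait  root    internal
#daytime        dgram   udp     wait    root    internal
time            stream  tcp     nowait  root    internal
#time           dgram   udp     wait    root    internal
#:MAIL: Mail, news and uucp services.
#disabled#smtp          stream  tcp     nowait  mail    /usr/sbin/exim exim -bs
EOF
}

# Entries inetd will listen for: every non-blank line not starting with '#'.
# Prints "service/proto user server_path".
active_inetd_services() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        NF >= 6 { printf "%s/%s %s %s\n", $1, $3, $5, $6 }
    '
}

# Entries that exist but are switched off: a '#' or a '#tag#' prefix (such as
# the "#disabled#" marker in the post) followed by a well-formed service line.
commented_inetd_services() {
    awk '
        /^[ \t]*#/ {
            line = $0
            sub(/^[ \t]*#([^# \t]*#)?[ \t]*/, "", line)
            n = split(line, f, /[ \t]+/)
            if (n >= 6 && (f[2] == "stream" || f[2] == "dgram"))
                printf "%s/%s\n", f[1], f[3]
        }
    '
}

echo "active:";   sample_conf | active_inetd_services
echo "disabled:"; sample_conf | commented_inetd_services
```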


