LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices



Reply
 
Search this Thread
Old 11-24-2006, 07:42 PM   #1
Old_Fogie
Senior Member
 
Registered: Mar 2006
Distribution: SLACKWARE 4TW! =D
Posts: 1,515

Rep: Reputation: 62
How do I determine which servers in Slack 11 are monitored by inetd / inetd.conf


Hello all,

Is there a way to see which services in Slackware can be monitored by the inetd.conf file?

My reason for asking is: I thought that the hosts.allow & hosts.deny files were referenced by the inetd.conf & it's respective daemon, and they were called/referenced before the IP tables. But apparently either I am doing something wrong, or I am mis-understanding it's applicability.

But I believed this to be the case as even the sendmail daemon & the ident daemon's that get fired up with the inetd are visible from a portscan from a different lan box even though you tell the firewall/IP tables to block them.

We can see in the /etc/services file it lists all the servers & respective ports that can be listed in the hosts.allow/deny & inetd.conf files.

In an attemp to try and utilize these tcp wrapper's, I wanted to tweak my /etc/hosts.allow/deny for samba as a test to see if I am using Slack's daemon's correctly. However, the inetd daemon fails on a server such as samba, well for me at least and I can't figure it out. I actually don't run samba but since it's a service already listed in the inetd.conf file I thought this would be a good daemon to play with and learn.

Now for the nfs daemon's they work really well with the inetd & hosts files. You simply add your exports, uncomment the daemons in the inetd.conf file, chmod - x the /etc/rc.d/rc.nfsd and you're now controlled by hosts.allow/deny. So here the tcp wrapper inetd works.

But if I take from the /etc/services file the name of the daemons that are used for samba. I chmod -x the /etc/rc.d/rc.samba and put the following into my hosts.allow:

Quote:
netbios-ns: 198.162.100.2
netbios-dgm: 198.162.100.2
netbios-ssn: 198.162.100.2
microsoft-ds: 198.162.100.2
and I un-comment the daemon's for samba in the inetd.conf file, and then restart my computer; the inetd file does in fact start samba, I can establish connections from a windows box to the linux box using the IP above.

a simple netstat -elp shows the above are controlled by inetd

BUT....if I change the ip address in windows box to something else than what's in my allow, in theory it should not work...but it does see the computer and the samba still works and I thought it's not supposed to? I thought it should have been blocked.

Now am I failing because I'm using the same user name / password in the windows box as the smbpasswd in the pass backend for samba?

I have the ident daemon turned off completely, could that be it?

I even flushed the IP/tables to make sure there was nothing welcoming all traffic from lan.

It appears the only way to setup Samba to analyze on a per lan IP basis is the /etc/samba/smb.conf file?

I see that many web-site's indicated that samba performs better when started by the initialization scripts in /etc/rc.d Maybe this is a poor example daemon for me to learn with?

How do I know which other daemons on my box will TRULY get honored by /etc/hosts.allow-.deny in slackware?
 
Old 11-25-2006, 11:52 AM   #2
kotnik
Member
 
Registered: Nov 2004
Location: Novi Sad, Serbia
Distribution: Debian, Slackware, Gentoo, openSuSE
Posts: 254

Rep: Reputation: 31
Quote:
Originally Posted by Old_Fogie
Is there a way to see which services in Slackware can be monitored by the inetd.conf file?
A lot of them can. See /etc/inetd.conf. It's pretty well commented.
 
Old 11-25-2006, 02:06 PM   #3
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,123

Rep: Reputation: 162Reputation: 162
I'm assuming that your Samba is working with TCP wrappers support (since it seems to be showing that way in netstat). How is your /etc/hosts.deny file configured? According to man 5 hosts_access, you will need a deny entry in that file or else access is granted:
Code:
ACCESS CONTROL FILES
       The access control software consults two files. The search stops at the first match:

             Access will  be  granted  when  a  (daemon,client)  pair  matches  an  entry  in  the
              /etc/hosts.allow file.

             Otherwise,  access will be denied when a (daemon,client) pair matches an entry in the
              /etc/hosts.deny file.

             Otherwise, access will be granted.

       A non-existing access control file is treated as if it were an empty file. Thus, access con-
       trol can be turned off by providing no access control files.
I have the following in /etc/hosts.deny so that the stuff specified in /etc/hosts.allow is the only stuff allowed:
Code:
ALL: ALL@ALL, PARANOID

Last edited by gilead; 11-25-2006 at 02:15 PM. Reason: I don't always think enough before clicking...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
/etc/inetd.conf ? arcturus Slackware 5 05-01-2005 04:11 PM
chrooting or jailing inetd or inetd started daemons ? MasterC Linux - Security 2 07-15-2003 06:28 PM
inetd.conf cambo Linux - Networking 2 08-06-2002 04:15 AM
Where has inetd.conf gone? Grum Linux - General 1 05-13-2002 09:04 PM
where is my /etc/inetd.conf ?? g00fy_m Linux - General 6 05-04-2002 09:40 AM


All times are GMT -5. The time now is 10:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration