LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 08-09-2003, 12:47 PM   #1
Wimpie22
Member
 
Registered: May 2003
Posts: 85

Rep: Reputation: 15
Angry My xinetd.conf is almost empty


hello,

i want to install Imap on my redhat 8.0 server and i have to remove a # in the file /etc/inetd.conf, i have xinet.conf but it's almost empty this is whats in the file

#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{
instances = 60
log_type = SYSLOG authpriv
log_on_success = HOST PID
log_on_failure = HOST
cps = 25 30
}

includedir /etc/xinetd.d

What can i do about it normaly a the services like pop3 and so are listed in this file
~
 
Old 08-09-2003, 01:53 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977
maybe you should actually *read* the contents of the file....
Quote:
# Some defaults, and include /etc/xinetd.d/
look in /etc/xinetd.d
 
Old 10-06-2003, 01:36 PM   #3
neilcpp
Member
 
Registered: Jul 2003
Location: England
Distribution: Debian Jessie, FreeBSD 10.1 anything *nix to get my fix
Posts: 329

Rep: Reputation: Disabled
Hello, Ive been running linux for a while now, but never took much interest in security because it all seemed so complex. It does seem confusing to me but I am working through the basic unix security checklist v2.0. - recommended by as basic reading in this forums faq.

I found that the first file to check is the defaults for attributes set in xinetd.conf. My present file is the same as wimpie22 noted above. Before i change it i just wanted some guidance please.

Basically no remote user ever (as far as i understand) has any business logging onto any of the network services. I dont need to allow multiple instances etc. ( but I do use my machine as a sniffer to run tcpdump from time to time over ethernet).

I want to lock my system down so nothing remote can make requests to start services. im only concerned about getting a basic understanding of the defaults section & getting xinetd.conf configured sensibly at the moment.

I got a sample default file from an article by Frederik Raynal (www.xinetd.org) :

"Here is an example of defaults :

defaults
{
instances = 15
log_type = FILE /var/log/servicelog
log_on_success = HOST PID USERID DURATION EXIT
log_on_failure = HOST USERID RECORD
only_from =
per_source = 5
disabled = shell login exec comsat
disabled = telnet ftp
disabled = name uucp tftp
disabled = finger systat netstat

#INTERNAL
disabled = time daytime chargen servers services xadmin

#RPC
disabled = rstatd rquotad rusersd sprayd walld
}
"

My questions:

1. Instances & per_source. I am the only one using my system, is it safe to set instances & per_source attributes to 1? Could I set cps to 01 01 - to limit incoming connections?

2. Disabling services - ive noticed that in my distribution, the services disabled are not listed in the defaults - each server seems to have a attribute 'disable' that is either set to yes or no. This is a silly question but do i need to list the services to disable as in the example above?? -im running mandrake 9.1

The servers under the RPC heading dont seem to be installed or running on my system.

3. Can anyone please recommend any additional services in the example given above - that should be explicitly disabled??

Even if you cant help with the specific questions, i would welcome any comments from users about general experiences with configuiring the defaults of xinetd.conf

thanks in advance.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
xinetd.conf aron Linux - Security 5 12-27-2004 08:39 PM
convert from inetd.conf to xinetd.conf linuxturtle Linux - Networking 7 11-12-2003 05:23 AM
Question about xinetd.conf Typhonian Linux - General 1 09-22-2003 09:28 AM
xinetd.conf dbear Linux - Networking 8 07-20-2003 01:52 AM
xinetd.conf ltrain Linux - Security 6 05-23-2001 10:13 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 09:27 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration