SunWorld: Square one: Paring down your network services
Oct 09, 2000, 00:08
(Other stories by Sandra Henry-Stocker)
"A good deal of Unix network security revolves around services available on individual systems. One of the most basic and influential services on Unix systems is one that provides entry to many others. inetd, often referred to as the super server, is a service which users access indirectly. At system boot time, inetd starts up other services by listening on service-specific ports, beginning a particular service by using information in its configuration file, /etc/inetd.conf. One of the first things a sysadmin taking responsibility for a new server will do is look at /etc/inetd.conf to determine which services the server is providing on request."
"inetd is a Unix daemon. This means that it runs in the background, around the clock. When a user tries to connect to any of the services listed in inetd's configuration file, inetd issues the specified command to start that service. The user, who may be entering a Telnet session or retrieving email through a POP or IMAP service, is unaware that inetd has intercepted the request."
"Most Unix servers will run two kinds of services -- those that run through inetd (on demand) and those that start up when a system boots and run as daemons. To determine how a particular service is set up on a system, you can look for an entry in the /etc/inetd.conf file and, failing that, look for a start script in the /etc/init.d or /etc/rc?.d (/etc/rc.d/init.d and /etc/rc.d/rc?.d on Linux) directories. Processes not started through one of these mechanisms can be assumed to have been started explicitly, started indirectly (i.e., by another service), or started through cron or at commands."
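The article's checklist (read /etc/inetd.conf for on-demand services, then look for boot scripts under /etc/init.d) can be turned into a small audit. The script below is an added example, not code from the SunWorld article or from Sandra Henry-Stocker. It parses the classic BSD-style inetd.conf layout (service, socket type, protocol, wait/nowait, user, server program, arguments), resolves each enabled service to its port via an /etc/services excerpt, and classifies a service name by which startup mechanism owns it. The inetd.conf, /etc/services and init.d contents are constructed samples embedded inline so the example runs offline; on a real host you would read the actual files.

```python
"""Audit which network services a Unix host offers via inetd or boot scripts."""

# Constructed sample of /etc/inetd.conf (not taken from any real system).
# Lines starting with '#' are disabled entries; inetd ignores them.
SAMPLE_INETD_CONF = """\
# Internet server configuration database
ftp     stream  tcp     nowait  root    /usr/sbin/in.ftpd       in.ftpd
telnet  stream  tcp     nowait  root    /usr/sbin/in.telnetd    in.telnetd
#shell  stream  tcp     nowait  root    /usr/sbin/in.rshd       in.rshd
pop3    stream  tcp     nowait  root    /usr/sbin/ipop3d        ipop3d
#finger stream  tcp     nowait  nobody  /usr/sbin/in.fingerd    in.fingerd
daytime stream  tcp     nowait  root    internal
"""

# Constructed excerpt of /etc/services, used to map service names to ports.
SAMPLE_SERVICES = """\
ftp      21/tcp
telnet   23/tcp
daytime  13/tcp
daytime  13/udp
pop3     110/tcp
shell    514/tcp   cmd     # comment after the entry
"""

# Constructed listing of /etc/init.d (names of boot-time start scripts).
SAMPLE_INIT_D = ["sendmail", "sshd", "nfs.server"]


def parse_services(text):
    """Map (service name, protocol) -> port number from /etc/services text."""
    ports = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        fields = line.split()
        name, port_proto = fields[0], fields[1]
        port, proto = port_proto.split("/")
        ports[(name, proto)] = int(port)
    return ports


def parse_inetd_conf(text):
    """Return one dict per enabled (uncommented) inetd.conf entry."""
    entries = []
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue  # blank line or disabled service
        fields = stripped.split()
        if len(fields) < 6:
            continue  # malformed entry; inetd itself would reject it
        entries.append({
            "service": fields[0],
            "socket_type": fields[1],
            "protocol": fields[2],
            "wait": fields[3],
            "user": fields[4],
            "server": fields[5],   # program path, or 'internal'
            "args": fields[6:],
        })
    return entries


def audit(inetd_text, services_text):
    """List (service, protocol, port, user, server) for every enabled entry.

    The port is None when /etc/services has no matching name/protocol pair.
    """
    ports = parse_services(services_text)
    report = []
    for e in parse_inetd_conf(inetd_text):
        proto = e["protocol"].rstrip("6")  # treat tcp6/udp6 like tcp/udp
        port = ports.get((e["service"], proto))
        report.append((e["service"], proto, port, e["user"], e["server"]))
    return report


def locate_service(name, inetd_text, init_d_listing):
    """Say which startup mechanism owns a service name.

    Returns 'inetd' (started on demand), 'init.d' (started at boot), or
    'other' (started explicitly, by another service, or via cron/at).
    """
    if any(e["service"] == name for e in parse_inetd_conf(inetd_text)):
        return "inetd"
    if any(name == script for script in init_d_listing):
        return "init.d"
    return "other"


if __name__ == "__main__":
    for svc, proto, port, user, server in audit(SAMPLE_INETD_CONF, SAMPLE_SERVICES):
        print(f"{svc:8} {proto:4} port={port!s:5} user={user:7} {server}")
    for name in ("telnet", "sshd", "shell"):
        print(name, "->", locate_service(name, SAMPLE_INETD_CONF, SAMPLE_INIT_D))
```

Running it prints the four services inetd would actually start (the commented-out shell and finger entries are skipped) together with the port and the account each runs under, which is the information a sysadmin needs before deciding what to pare down.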