
SunWorld: Square one: Paring down your network services

“A good deal of Unix network security revolves around services
available on individual systems. One of the most basic and
influential services on Unix systems is one that provides entry to
many others. inetd, often referred to as the super server, is a
service which users access indirectly. At system boot time, inetd
starts up other services by listening on service-specific ports,
beginning a particular service by using information in its
configuration file, /etc/inetd.conf. One of the first things a
sysadmin taking responsibility for a new server will do is look at
/etc/inetd.conf to determine which services the server is providing
on request.”

“inetd is a Unix daemon. This means that it runs in the
background, around the clock. When a user tries to connect to any
of the services listed in inetd’s configuration file, inetd issues
the specified command to start that service. The user, who may
be entering a Telnet session or retrieving email through a POP or
IMAP service, is unaware that inetd has intercepted the
request.”

“Most Unix servers will run two kinds of services — those that
run through inetd (on demand) and those that start up when a system
boots and run as daemons. To determine how a particular service is
set up on a system, you can look for an entry in the
/etc/inetd.conf file and, failing that, look for a start script in
the /etc/init.d or /etc/rc?.d (/etc/rc.d/init.d and /etc/rc.d/rc?.d
on Linux) directories. Processes not started through one of these
mechanisms can be assumed to have been started explicitly, started
indirectly (i.e., by another service), or started through cron or
at commands.”
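The lookup the excerpt describes (check /etc/inetd.conf first, then the init.d and rc?.d directories) can be scripted so an inventory of exposed services is repeatable. The following POSIX sh is an added example, not code from the SunWorld article; it builds a constructed inetd.conf and a constructed init.d/rc2.d tree under a temporary directory, so the file names, service entries and the `demo_root` path are all assumptions for the demo. On a real host you would point the two functions at /etc/inetd.conf, /etc/init.d and /etc/rc?.d (or the /etc/rc.d equivalents on Linux).

```shell
#!/bin/sh
# Added example: list what a sample inetd.conf actually enables, then
# find services that are started at boot through init.d/rc?.d links.
# All paths and entries below are constructed for the demo.

# Print the service name (first field) of every line in an
# inetd.conf-style file that is neither blank nor commented out.
# Field layout: service socktype proto wait user program args
inetd_enabled_services() {
    awk '!/^[[:space:]]*#/ && NF { print $1 }' "$1"
}

# Print the name of every script in an init.d-style directory that
# also has at least one S-link in a matching rc?.d directory; a script
# with no S-link exists but is not started at boot.
boot_started_services() {
    initdir=$1; rcglob=$2
    for script in "$initdir"/*; do
        [ -f "$script" ] || continue
        name=${script##*/}
        for link in $rcglob/S*"$name"; do
            [ -e "$link" ] && { echo "$name"; break; }
        done
    done
}

# Constructed demo tree (assumption: nothing here reflects a real host).
demo_root=$(mktemp -d)
trap 'rm -rf "$demo_root"' EXIT
cat > "$demo_root/inetd.conf" <<'EOF'
# constructed sample; '#' lines are disabled services
ftp     stream  tcp  nowait  root    /usr/sbin/in.ftpd     in.ftpd
telnet  stream  tcp  nowait  root    /usr/sbin/in.telnetd  in.telnetd
#finger stream  tcp  nowait  nobody  /usr/sbin/in.fingerd  in.fingerd
pop3    stream  tcp  nowait  root    /usr/sbin/ipop3d      ipop3d
EOF
mkdir -p "$demo_root/init.d" "$demo_root/rc2.d"
: > "$demo_root/init.d/sendmail"
ln -s ../init.d/sendmail "$demo_root/rc2.d/S88sendmail"
: > "$demo_root/init.d/nfs"   # script present, no S-link: not started at boot

echo "enabled via inetd:"
inetd_enabled_services "$demo_root/inetd.conf"
echo "started at boot:"
boot_started_services "$demo_root/init.d" "$demo_root/rc?.d"
```

Anything listening that appears in neither list falls into the excerpt's third category (started explicitly, by another service, or via cron/at) and needs to be traced separately, for example from the process list back to its parent.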

