Linux Today: Linux News On Internet Time.

Linux Journal: Your Network's Secret Life, Part 4

Aug 04, 2001, 21:15 (0 Talkback[s])
(Other stories by Marcel Gagné)

[ Thanks to 2more0 for this link. ]

"In the last couple of weeks, I have had a number of people ask me to consider a small side trip in this series. Classic wisdom says you do not turn on any network services you do not need, and, in past articles, I have explained how services are turned on and off through your /etc/inetd.conf file. The problem, as one reader pointed out, is that after he upgraded his system to Red Hat 7.1, inetd appeared to be gone, replaced with something called xinetd. Worse, things weren't quite working the way he expected--after upgrading to Red Hat 7.1, he noticed that he could no longer log on from his home clients and /etc/inetd.conf was gone. Since you, the readers, are my raison d'être, I will take some time from this discussion of network monitoring to cover xinetd. Besides, as it turns out, we do a little monitoring here as well.

On one level, xinetd does exactly the same things as inetd. I have often compared inetd's role to that of the telephone operator Lily Tomlin played way back when. Essentially, you call in to the operator (inetd), ask for the party you wish to speak to (TCP port or service), and, if all goes well (TCP wrappers allow you in), the operator connects you. But if it's simply a question of asking for a service and being connected, then why, you may ask, is inetd being replaced by xinetd? The answer is the same reason we want to keep an eye on what is happening on our networks: security.

xinetd features a number of enhancements over good old inetd, including extensive logging capabilities, limits on incoming connections (to prevent denial of service attacks), flexible access control for both local and remote connections, and much more (as they say on TV). Configuring xinetd to perform all this magic starts in the /etc/xinetd.conf file, where definitions for various services are broken up into paragraphs with this format:"

Complete Story

Related Stories: