Previous Page | Next Page

  1. Introduction
  2. About Linux
  3. Installation and getting started
  4. Logging in and out
  5. Basic Linux Commands
  6. Linux Files and File Permissions
  7. Linux Directory Structure
  8. Finding Files
  9. Linux Help
  10. Setting Time
  11. Devices
  12. Tips
  13. Accessing Other Filesystems
  14. Accessing Removable Media
  15. Making and Managing Filesystems
  16. Emergency Filesystems and Procedures
  17. LILO and Runlevels
  18. Init
  19. Environment, Shell Selection, and Startu
  20. Linux Kernel
  21. Package Installation and Printing
  22. Configuration, Logging and CRON
  23. Keys and Terminal Configuration
  24. Sound Configuration
  25. Managing Users
  26. Passwords
  27. Process Control
  28. Configuration and Diagnostic Tools
  29. Overall Configuration
  30. Using PAM
  31. Basic Network Setup
  32. Tools and Terms
  33. Novell and Printing
  34. Inetd Services
  35. Xinetd Services
  36. Other Network Services
  37. FTP and Telnet
  38. Samba
  39. Identd (auth)
  40. X Configuration
  41. X Use
  42. Using X Remotely
  43. X Documentation
  44. DNS
  45. DHCP and BOOTP
  46. Apache
  47. NFS
  48. PPP
  49. Mail
  50. Routing
  51. IP Masquerading
  52. Proxy Servers and ipchains
  53. UUCP
  54. News
  55. NIS
  56. Network Security
  57. Secure Shell
  58. Text Processing
  59. Shell Programming
  60. Emacs
  61. VI
  62. Recommended Reading
  63. Credits

Linux Inetd Network services

Services typically provided using inetd include:

  • auth or identd - This is a server that returns user information to a remote host that a user is requesting a service from. It can be run as a stand alone daemon from the startup scripts.
  • bootpd - A server that allows remote clients to get their IP addresses from a bootp server using the bootp network protocol. This involves the server having a /etc/bootptab file containing hardware addresses and associated IP addresses for each computer to be serviced. It can be run as a stand alone daemon from the startup scripts.
  • ftp - File transport protocol. Allows users to transport files between remote sites.
  • tftp - Trivial file transport protocol. A way for users to transfer files to/from remote machines without logging in. Normally this transfer is limited to specific areas and is normally used for transporting files to clients which are needed for remote booting.
  • telnet - A protocol used to open user sessions from remote sites.
  • exec - in.rexecd - Remote execution server allows remote users to execute commands on the system provided they have proper authorization.
  • rlogin - An older method of opening remote sessions, being replaced by telnet.
  • rsh - Remote shell, Used to execute commands on a remote host.
  • talk - A communication program that allows two users to talk by copying lines from one user's terminal to the other.
  • finger - Allows users to get information about users currently logged in on the local system or remote systems.
  • comsat - A server that notifies users when they have received mail. The biff program is used to turn comsat service on and off for each user.
  • pop-2 - ipop2d - Supports POP2 remote mail access protocol.
  • pop-3 -ipop3d - Supports POP3 remote mail access protocol.
  • imap - imapd - Supports the IMAP4rev1 remote mail access protocol which is more powerful than POP3. See RFC 2060.
  • uucp - uucico - The daemon that processes Unix to Unix copy (UUCP) file transfer requests that were queued by uucp or uux.
  • netstat - Displays network connections, routing tables, and other networking information about a system. This works on the local system and over a network.
  • swat - A Samba web administration tool allowing the administrator to configure the /etc/smb.conf file using a web browser.

These services can be controlled (added/removed) by adding or deleting (commenting out) lines in the file "/etc/inedt.conf". If you make a change to this file, you will want to restart the inetd daemon with the command:

kill -HUP inetd

Although you can use inetd to run services such as Samba and BOOTP normally, I recommend using the startup script files which can be configured using the program "linuxconf" and selecting "Control service activity". If these services are used often, you will want to run them direct through the startup scripts. To conserve system resources, you may want to use inetd to control these services if they won't be used very often, but you can't run them using the start up scripts and using inetd at the same time.

The inedt configuration file

The file /etc/inetd.conf is used to configure these networking services. Its format is:

service    socket type    protocol    flags    user    server path    server arguments

It is explained in more detail in the "How Linux Works" document.

Limiting services to your machine to specific addresses

  1. If your system is not set for services to use the tcpd daemon rather than the usual deamon by substituting the following in the "/etc/inetd.conf" file"
    Change lines like this:
       		finger	stream	tcp	nowait	nobody	/usr/etc/in.fingerd	in.fingerd
    To this:
       		finger	stream	tcp	nowait	nobody	/usr/sbin/tcpd		in.fingerd
    
  2. Change the hosts deny file so the following lines are included with the comments:
    ALL: ALL
    ALL: PARANOID
    
  3. Change the hosts.allow file to allow services to desired TCP/IP addresses. Ex:
    ALL:  10.1.0.153, 10.1.2.252
    fingerd: 10.1.1.3
    Note:  To see the address of your windows box, select run and run winipcfg.
    
  4. Reset the inetd deamon by issuing the command "kill –HUP inetd".

To disable a network service completely

To disable remote services like finger, who, and w, you will want to modify your /etc/inetd.conf file. To disable finger services for example, change the /etc/inetd.conf file so the line that says "in.fingerd" at the end, is commented out. Do the same for any other services you do not want to run. Then make the inetd daemon reload its configuration file and restart with the command "killall -HUP inetd".