blob: 20432e07003e0b25110bc59d32218bacd0bde429 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
# See "man 8 inetd" for more information.
#
# If you make changes to this file, either reboot your machine or send the
# inetd a HUP signal with "/sbin/init.d/inetd reload" or by hand:
# Do a "ps x" as root and look up the pid of inetd. Then do a
# "kill -HUP <pid of inetd>".
# The inetd will re-read this file whenever it gets that signal.
#
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#
# By default all services will use IPv4. To enabled them to use IPv6
# you will need to modify the "<proto>" by adding "4", "6" or "46" to
# specify IPv4 only, IPv6 only or IPv4 and IPv6. See the man page for
# more information.
#
# echo stream tcp nowait root internal
# echo dgram udp wait root internal
# discard stream tcp nowait root internal
# discard dgram udp wait root internal
# daytime stream tcp nowait root internal
# daytime dgram udp wait root internal
# chargen stream tcp nowait root internal
# chargen dgram udp wait root internal
# time stream tcp nowait root internal
# time dgram udp wait root internal
#
# These are standard services.
#
# ftp stream tcp nowait root /usr/sbin/tcpd wu.ftpd -a
# ftp stream tcp nowait root /usr/sbin/tcpd proftpd
ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd
#
# If you want telnetd not to "keep-alives" (e.g. if it runs over a ISDN
# uplink), add "-n". See 'man telnetd' for more details.
telnet stream tcp nowait root /usr/sbin/telnetd telnetd -i
# smtp stream tcp nowait root /usr/sbin/sendmail sendmail -bs
# printer stream tcp nowait root /usr/sbin/tcpd /usr/bin/lpd -i
#
# Shell, login, exec and talk are BSD protocols.
# The option "-h" permits ``.rhosts'' files for the superuser. Please look at
# man-page of rlogind and rshd to see more configuration possibilities about
# .rhosts files.
# shell stream tcp nowait root /usr/sbin/tcpd in.rshd -L
# shell stream tcp nowait root /usr/sbin/tcpd in.rshd -aL
#
# If you want rlogind not to "keep-alives" (e.g. if it runs over a ISDN
# uplink), add "-n". See 'man rlogind' for more details.
# login stream tcp nowait root /usr/sbin/tcpd in.rlogind
# login stream tcp nowait root /usr/sbin/tcpd in.rlogind -a
# exec stream tcp nowait root /usr/sbin/tcpd in.rexecd
# talk dgram udp wait root /usr/sbin/tcpd in.talkd
# ntalk dgram udp wait root /usr/sbin/tcpd in.talkd
#
#
# Pop et al
#
# pop2 stream tcp nowait root /usr/sbin/tcpd in.pop2d
# pop3 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/popper -s
#
# Imapd - Interactive Mail Access Protocol server
# Attention: This service is very insecure
# imap2 stream tcp nowait root /usr/sbin/tcpd imapd
#
# Comsat - has to do with mail.
#
# comsat dgram udp wait root /usr/sbin/tcpd in.comsat
#
# The Internet UUCP service.
#
# uucp stream tcp nowait uucp /usr/sbin/tcpd /usr/lib/uucp/uucico -l
#
# Tftp service is provided primarily for booting. Most sites
# run this only on machines acting as "boot servers."
#
# tftp dgram udp wait nobody /usr/sbin/tcpd in.tftpd /tftpboot
# bootps dgram udp wait root /usr/sbin/bootpd bootpd -c /tftpboot
#
# Finger, systat and netstat give out user information which may be
# valuable to potential "system crackers." Many sites choose to disable
# some or all of these services to improve security.
# Try "telnet localhost systat" and "telnet localhost netstat" to see that
# information yourself!
#
# finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd -w
# systat stream tcp nowait nobody /usr/sbin/tcpd /bin/ps -auwwx
# netstat stream tcp nowait root /usr/sbin/tcpd /bin/netstat -a
#
# End.
|
