
inetd.conf

In der Datei /etc/inetd.conf wird festgelegt, welches Programm inetd für den jeweiligen Dienst startet.

# /etc/inetd.conf:  see inetd(8) for further informations.
#
# Internet server configuration database
#
#
# Lines starting with "#:LABEL:" or "#<off>#" should not
# be changed unless you know what you are doing!
#
# If you want to disable an entry so it isn't touched during
# package updates just comment it out with a single '#' character.
#
# Packages should modify this file by using update-inetd(8)
#
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#
# Reading aid: every active (uncommented) line below is a network service
# that inetd listens for and starts on demand, running as <user>.
# Entries whose <server_path> is /usr/sbin/tcpd are started through the
# TCP wrapper, which checks /etc/hosts.allow and /etc/hosts.deny before
# it runs the daemon named in <args>.
#
#:INTERNAL: Internal services
# "internal" services are answered by inetd itself, no external program.
# echo and chargen are disabled here; discard (tcp and udp), daytime (tcp)
# and time (tcp) are still active.
# NOTE(review): these small services are rarely needed on current hosts;
# consider commenting out the remaining ones as well.
#echo           stream  tcp     nowait  root    internal
#echo           dgram   udp     wait    root    internal
#chargen        stream  tcp     nowait  root    internal
#chargen        dgram   udp     wait    root    internal
discard         stream  tcp     nowait  root    internal
discard         dgram   udp     wait    root    internal
daytime         stream  tcp     nowait  root    internal
#daytime                dgram   udp     wait    root    internal
time            stream  tcp     nowait  root    internal
#time           dgram   udp     wait    root    internal

#:STANDARD: These are standard services.
# telnet: instead of a telnet daemon, a local program
# (/usr/local/sbin/no_telnet) is started for every connection attempt.
# NOTE(review): the entry runs it as root; if the program only prints a
# notice, an unprivileged user such as nobody would be sufficient.
# ftp: the "#<ftp-off>#" entry is disabled, but the second ftp entry is
# active and starts /usr/sbin/ftpd through tcpd.
# NOTE(review): FTP sends user names and passwords in cleartext; disable
# the active entry too if the host is meant to be reachable via ssh only.
#<ftp-off>#ftp          stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.ftpd
telnet         stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/local/sbin/no_telnet
ftp             stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/ftpd 

#:BSD: Shell, login, exec and talk are BSD protocols.
# shell (rsh), login (rlogin) and exec (rexec) are all active and run as
# root behind tcpd.
# NOTE(review): these protocols are unencrypted, and rsh/rlogin can grant
# access based on host trust files (.rhosts, /etc/hosts.equiv). Replacing
# telnet with ssh gains little while they stay enabled; comment them out
# unless they are really required, and restrict them in hosts.allow if so.
shell           stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rshd
login           stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rlogind
exec            stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rexecd
# talk/ntalk run as user nobody with group tty ("nobody.tty").
talk            dgram   udp     wait    nobody.tty      /usr/sbin/tcpd  /usr/sbin/in.talkd
ntalk           dgram   udp     wait    nobody.tty      /usr/sbin/tcpd  /usr/sbin/in.ntalkd

#:MAIL: Mail, news and uucp services.
# smtp is disabled; the three "#<off>#" lines are identical duplicates.
#<off># smtp            stream  tcp     nowait  mail    /usr/sbin/exim exim -bs
#<off># smtp            stream  tcp     nowait  mail    /usr/sbin/exim exim -bs
#<off># smtp            stream  tcp     nowait  mail    /usr/sbin/exim exim -bs

#:INFO: Info services
# finger runs as nobody behind tcpd; ident runs as nobody and is started
# directly, without tcpd.
# NOTE(review): finger hands account and login information to anyone who
# asks; disable it or limit it to trusted hosts in hosts.allow.
finger          stream  tcp     nowait  nobody  /usr/sbin/tcpd  /usr/sbin/in.fingerd
ident           stream  tcp     nowait  nobody  /usr/sbin/identd        identd -i

#:BOOT: Tftp service is provided primarily for booting.  Most sites
# run this only on machines acting as "boot servers."
# Both tftp and bootps are disabled in this example.
#tftp           dgram   udp     wait    nobody  /usr/sbin/tcpd  /usr/sbin/in.tftpd /boot
#bootps         dgram   udp     wait    root    /usr/sbin/bootpd        bootpd -i -t 120


#:OTHER: Other services
# linuxconf --http: administration front end started as root and without
# tcpd.
# NOTE(review): no wrapper check is configured on this line, so access
# control presumably rests on linuxconf's own settings (and on inetd, if it
# was built with wrapper support) - verify, or disable the entry when remote
# administration over HTTP is not needed.
linuxconf       stream  tcp     wait    root    /bin/linuxconf linuxconf --http

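So wird im obigen Beispiel beim Versuch, eine Telnet-Verbindung zum Rechner aufzubauen, statt eines Telnet-Daemons ein lokales Skript (/usr/local/sbin/no_telnet) ausgeführt. Die ebenfalls unverschlüsselten Dienste shell, login, exec und ftp sind in diesem Beispiel dagegen weiterhin aktiv.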

#!/bin/sh
#
# Refusal notice used in place of a telnet daemon.
# inetd starts this script for each incoming telnet connection (see the
# telnet entry in /etc/inetd.conf); whatever it prints goes to the
# connecting client, and the connection ends when the script exits.
# The script reads no input and takes no arguments.

printf '%s\n' \
    "No telnet allowed on this host." \
    "Please use ssh instead"



Matthias Kabel
2000-01-23