TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TCLUG:5793] security (some pre-coffee thoughts)...



/etc/services is just a mapping mechanism for various services on the
system.  If you compile and run sshd, any program that query's
active ports such as `netstat -a` will look something like this:

tcp        0      0  *.22               *.*                 LISTEN

Add an entry like this to /etc/services:

ssh              22/tcp    #Secure Shell Login
ssh              22/udp    #Secure Shell Login

and viola, `netstat -a` will look like this:

tcp        0      0  *.ssh               *.*                 LISTEN

Think of it as a port name resolver.

Peter Lukas

On Tue, 4 May 1999, Tim Wilson wrote:

> On Wed, 5 May 1999, Peter Lukas wrote:
> 
> Thanks Peter. Your comments are most helpful. (I suspected that you'd have
> something to say on the subject.)
> 
> > * comment out all undesired services in /etc/inetd.conf 
> 
> What is the relationship between /etc/inetd.conf and /etc/services? Do you
> need to comment out lines in both files or just /etc/inetd.conf?
> 
> > * Kill the xfs that RH6.0 ships with and get the fonts directly from X.
> 
> What is the danger of using xfs? I must say, the fonts look a lot better
> on my RH6 system than they did before. (I realize pretty fonts and system
> security are two different things. I wouldn't even have X on my server if 
> I didn't need it for the UPS software.)
> 
> Thanks again Peter. I'll definitely check out your suggestions. Can anyone
> else add to this list?
> 
> -Tim
> 
> --
> Timothy D. Wilson			"A little song, a little dance,
> University of MN, chem. dept.		a little seltzer down your 
> wilson@chem.umn.edu			pants."   -Chuckles the Clown
> Phone: (612) 625-9828                       as eulogized by Ted Baxter
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@listserv.real-time.com
> For additional commands, e-mail: tclug-list-help@listserv.real-time.com
> Try our website: http://tclug.real-time.com
> 
>