Block service

Status
Not open for further replies.

tikual (Technical User, joined Jun 10, 2003, 237 messages, location HK)

I would like to block 'finger' on my system. After editing /etc/services, which process do I need to restart?

Thanks

tikual
 
I'm not sure that just "services" is enough. The real configuration is in /etc/inetd.conf or /etc/xinetd.d/finger (depending on your version, basically).

If inetd.conf, comment out the "finger" line. If you have xinetd, edit the "finger" file and set "disable=yes".

Then restart inetd or xinetd.
 
There is no /etc/inetd.conf or /etc/xinetd.d/finger on my system; my Linux server is RedHat 9. No idea at this moment.

tikual
 
It's gotta be there somewhere. RH8 (which I have some of) uses xinetd. See if there's at least a /etc/xinetd.d directory. There should also be a /etc/xinetd.conf file. On my systems, the .conf file includes the contents of the directory. Yours might be different. I don't use RH9, but I can't imagine that they changed this too much.

The key is to find a file referenced by xinetd with a block defined like this:

service finger
{
        socket_type = stream
        wait        = no
        user        = nobody
        server      = /usr/sbin/in.fingerd
        disable     = yes
}

It could be in one big config file or in several. Looking at /etc/xinetd might point you to where the configuration files are.
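
The search described in the post above, as an added example (not code from the thread): shell functions that follow includedir from xinetd.conf and report every "service <name>" block with its disable state, plus the name-to-port lookup in /etc/services. The function names are made up for this example.

```shell
#!/bin/sh
# Added example: where does xinetd define a service, and is it switched off?
# Not handled: the "disabled"/"enabled" service lists in the defaults block.

# Print the main config, then every file xinetd would read from each includedir.
xinetd_config_files() {
    conf=$1
    [ -r "$conf" ] || return 1
    echo "$conf"
    awk '$1 == "includedir" { print $2 }' "$conf" | while read -r dir; do
        for f in "$dir"/*; do
            # xinetd ignores names that contain a dot or end in "~"
            case "${f##*/}" in *.*|*~) continue ;; esac
            if [ -f "$f" ]; then echo "$f"; fi
        done
    done
}

# Print "<file> <enabled|disabled>" for each "service <name>" block found.
# Returns non-zero when no block for the service exists.
xinetd_service_state() {
    svc=$1
    xinetd_config_files "${2:-/etc/xinetd.conf}" | while read -r f; do
        awk -v svc="$svc" -v file="$f" '
            /^[ \t]*#/ { next }                          # comment line
            $1 == "service" && $2 == svc { inblk = 1; state = "enabled"; next }
            inblk && /^[ \t]*disable[ \t]*=/ {
                v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v)
                state = (v == "yes") ? "disabled" : "enabled"
            }
            inblk && $1 == "}" { print file, state; inblk = 0 }
        ' "$f"
    done | grep .
}

# Print the TCP port that a services file assigns to a service name.
service_tcp_port() {
    awk -v svc="$1" '$1 == svc && $2 ~ /\/tcp$/ { split($2, a, "/"); print a[1]; exit }' \
        "${2:-/etc/services}"
}
```

Run `xinetd_service_state finger`; no output and a non-zero status means no file that xinetd reads defines the service.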
 

Or you could just firewall the port.

/etc/services does nothing other than provide a numeric-to-mnemonic mapping of ports to names. Editing it will do nothing other than make utilities not report the name 'finger', just the port number.

But lgarner is right, it has to be somewhere. Use lsof -i to see what process is listening on the port. Put the finger line back in services and do 'lsof -i | grep :finger'

 
Sorry, I meant to look in "/etc/init.d/xinetd", the startup script, to find out where your config files might be hiding.

Now that I think about it, editing "services" might be sufficient. Let me know if my understanding of xinetd is too hazy:

xinetd will load daemons on demand. (I've used this to have special monitoring programs launch when a telnet session is started on a particular port.) The "services" file works with the xinetd.d config file to map what program runs when a connection is made.

1. A request comes in on port 79.
2. services maps port 79 to "finger"
3. xinetd has an entry for "service finger", and follows those instructions.

So, if there's no "services" entry, there's no mapping, right?

Maybe I made it too complicated and should have stuck to the original question: restart xinetd via "/etc/init.d/xinetd restart"
 

I guess you're right about config files using the /etc/service mappings.
 
I think so too, because I just tested my new protocol/service/daemon foofoo, and added a 'foofoo'-line into /etc/inetd.conf.
There is no port mentioned, just as no port is mentioned there for ftp, finger and postgresql.
But when I mapped 'foofoo' to port 9999 in 'services', inetd started foofoo on my port 9999 requests.

Of course finger is a little bit better known than foofoo... :)

seeking a job as java-programmer in Berlin:
 
Thanks for all the replies, but it doesn't help me.

My /etc/xinet.d only has the content as follows:

/etc:> cat /etc/xinetd.conf
#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{
        instances      = 60
        log_type       = SYSLOG authpriv
        log_on_success = HOST PID
        log_on_failure = HOST
        cps            = 25 30
}

includedir /etc/xinetd.d


I can't find "service finger" in it. I also tried to "grep finger" in all files in /etc. Only /etc/services has this row. Does anyone have experience blocking the 'finger' port in RH9?

Thanks

tikual
 