[CLUE-Tech] RE: xinetd in RHV7.0; RH chkconfig & RH Up2date/Network Service

Jim Intriglia jimintriglia at hotmail.com
Mon Mar 26 16:57:24 MST 2001 

Tim,

Thanks for that info.. I began reading about xinetd via the web site and in 
the Linux Systems Security book I purchased, but did not find the info you 
provided (thanks - thats what I needed to know!). Still have to read the man 
pages.

In the April edition of Linux Journal, there is an article by Jim Ball 
(Batkey Howell instructor BTW) "Managing Initscripts with Red Hats' 
chkconfig" (pg128). Near the end of the article, he talks about how this 
RHutility can also modify xinetd.. which is handy! I am going to experiment 
with chkconfig to disable ftp/telnet/finger, and then verify (manually) that 
the changes I would expect to the config/scripts have indeed occurred as 
expected.
---
After upgrading a PC to RH7 from 6.2, I decided to give RH up2date daemon a 
shot with respect to getting needed security packages installed. It worked 
OK, until I had it update itself - has not worked since then :-)

The RH Network Mgmt service is interesting as well, but I found the download 
options confusing, and the sucker does not work at all with Mozilla thus 
far.

Tarballs rule? ;-)

RH tells me the V7.0 update CD will be available 4/2, as their are a ton of 
security updates to be added to virgin RH7.0, and a dialup connection won't 
cut it.

I'll burn a CD of the RH update and bring to the meeting for those 
interested (those interested, let me know so I bring enough!).

-Jim


>From: Tim Russell <tim.russell at ilg.com>
>Reply-To: clue-tech at clue.denver.co.us
>To: clue-tech at clue.denver.co.us
>Subject: RE: [CLUE-Tech] Cracked! Mailog entries; xinetd in RHV7.0
>Date: Mon, 26 Mar 2001 08:58:37 -0700
>
>Jim -
>
>    I was a bit taken aback too, but I actually like xinetd quite a bit!  
>You
>definitely need to be a little more careful with it though, it's quite a 
>bit
>more powerful than inetd, which can be both good and bad.
>
>    To disable a service, just go into /etc/xinetd.d, edit the service's
>file, and add a "disable   = yes" line that's the same format as the other
>lines.  Then either do a "/etc/rc.d/init.d/xinetd restart" or a "kill -USR2
><pid" on the xinetd process id.
>
>    Among other things, I discovered, happily, that it'll do user-level 
>port
>forwarding to an internal system on a firewall last week.
>
>Tim
>_______________________________________________
>CLUE-Tech mailing list
>CLUE-Tech at clue.denver.co.us
>http://clue.denver.co.us/mailman/listinfo/clue-tech

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com

More information about the clue-tech mailing list