[lug] FTP services - disarming daemon
John Starkey
jstarkey at ajstarkey.com
Wed Aug 9 01:23:53 MDT 2000
Shhhh..... yer not supposed to tell anyone :}
On Tue, 8 Aug 2000, PC Drew wrote:
> As for your use of @home cable, here's how I see it. It takes someone
> like Northpoint or Rhythms 3 months to install DSL. With @home you
> get 2 months free, free installation, and you "rent" the cable modem
> (it's included in the monthly cost). They will install it within 5-7
> days. Right now I'm using the @home for a couple of months until my
> DSL gets installed. This way, I get broadband for free until my DSL
> gets here!! :)
>
> --
> PC Drew
>
>
> Thus spake John Starkey on Tuesday, August 08, 2000, 8:23:51 PM:
>
> JS> Hi again.
>
> JS> I'm using @home and I think they are detecting a service on my computer and
> JS> shutting me down, as someone on the list (sorry, I lost that message)
> JS> mentioned they'd heard they do. I would really like to have ftp for my own
> JS> use but looks like that's not even possible. DSL it is once I move next
> JS> month.
>
> I could be wrong, but I don't think they're doing any filtering.
>
> JS> But for now I have commented out every service but ftp and telnet,
> JS> thinking that neither one of those are daemonized. I logged into my box
> JS> from my iMac last night. So obviously they are tied to a daemon. Does
> JS> anyone know of a way to shut them down. Better yet, to allow them to only
> JS> receive requests from 192.168s? I can't log on now. And I can't remember
> JS> what I changed, obviously something but whatever it was didn't take effect
> JS> immediately.
>
> ftp and telnet are (generally) run from inetd. Inetd is a process
> that controls the ports for all of the programs listed in
> /etc/inetd.conf and distributes the appropriate connections to the
> appropriate servers.
>
> Don't understand? Here's what my ftp line in /etc/inetd.conf looks
> like:
>
> ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a
>
> This means that the service ftp gets forwarded to /usr/sbin/tcpd with
> "in.ftpd -l -a" as the arguments. Anytime someone connects to port 21
> on my machine, the connection gets handled by /usr/sbin/tcpd.
>
> What's tcpd? Why is it not something like in.ftpd? Tcpd is the
> daemon for TCP Wrappers. TCP wrappers filter access to certain
> services. Once tcp wrappers are installed, the configuration files
> are /etc/hosts.allow and /etc/hosts.deny. To deny everything, you
> leave hosts.allow empty and insert this into hosts.deny:
>
> ALL: ALL
>
> That says to deny access to "ALL" services from "ALL" hosts.
>
> Then, if you want to allow access to ftp from 192.168.0.0/24 you would
> put the following into /etc/hosts.allow:
>
> ftp: 192.168.0.0/24
>
> Good luck. Oh, and if you edit /etc/inetd.conf or
> /etc/hosts.{allow,deny} you must send a HUP signal to the inetd
> process (kill -1 <pid>). To not allow ftp at all, you'd just comment
> out the ftp line in /etc/inetd.conf.
>
>
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>
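The hosts.allow / hosts.deny lookup order discussed in the quoted reply, as an added example that is not part of the original thread: a simplified Python model of the matching rules in hosts_access(5), covering only ALL, literal, trailing-dot prefix and dotted net/mask patterns. It assumes the daemon name is in.ftpd (the argv[0] in the quoted inetd.conf line); the function names are hypothetical and the client addresses are constructed.

```python
import ipaddress

def parse_rules(text):
    """Return (daemon_list, client_list) pairs from hosts.allow/deny text."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#") or ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def client_matches(pattern, addr):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):              # "192.168.0." matches by address prefix
        return addr.startswith(pattern)
    if "/" in pattern:                     # dotted net/mask, n.n.n.n/m.m.m.m
        net, mask = pattern.split("/", 1)
        try:
            m = int(ipaddress.IPv4Address(mask))
            return (int(ipaddress.IPv4Address(addr)) & m) == int(ipaddress.IPv4Address(net))
        except ipaddress.AddressValueError:
            return False                   # form not modelled here: no match
    return pattern == addr

def decide(daemon, addr, allow_text, deny_text):
    """hosts.allow is searched first, then hosts.deny; no match means granted."""
    def hit(text):
        return any(any(d in ("ALL", daemon) for d in daemons)
                   and any(client_matches(c, addr) for c in clients)
                   for daemons, clients in parse_rules(text))
    if hit(allow_text):
        return "granted (hosts.allow)"
    if hit(deny_text):
        return "denied (hosts.deny)"
    return "granted (no match)"

DENY_ALL = "ALL: ALL\n"                    # hosts.deny from the reply
BY_SERVICE = "ftp: 192.168.0.0/24\n"       # hosts.allow line as quoted
BY_DAEMON = "in.ftpd: 192.168.0.\n"        # constructed: keyed on the daemon's argv[0]

if __name__ == "__main__":
    for allow in (BY_SERVICE, BY_DAEMON):
        for addr in ("192.168.0.5", "203.0.113.9"):   # constructed client addresses
            print(allow.strip(), "|", addr, "->", decide("in.ftpd", addr, allow, DENY_ALL))
    print("empty hosts.deny ->", decide("in.ftpd", "203.0.113.9", BY_DAEMON, ""))
```

In this model a rule keyed on the service name never matches the in.ftpd process, so the LAN client falls through to ALL: ALL and is refused. With an empty hosts.deny, the unmatched outside address is granted, which is why the deny-all line carries the policy.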