[lug] FTP services - disarming daemon

John Starkey jstarkey at ajstarkey.com
Wed Aug 9 13:25:07 MDT 2000


Yea, I bet that's it. I am setting up ipchains now for the TCI DENY. 

But I didn't change anything in inetd.conf so that was probably why I was
getting the result I did. After restarting inetd (beginning late last
night) I could only connect to the port; I wasn't getting a login prompt. 

So I bet this is the reason. Any "maybe-nots"?

TIA,

John

On Wed, 9 Aug 2000, Chip Atkinson wrote:

> Did you look at /etc/inetd.conf?  That's where inetd gets information on
> what to launch for an incoming connection.  It uses /etc/services to map
> the port number to the service that is named in /etc/inetd.conf.  You'll
> also have to kill -HUP inetd for changes to take place.  
> 
> In response to a suggestion about hosts.allow, you should probably use
> ipchains rather than hosts.allow and hosts.deny.  My reasoning is that if
> @home just attempts to find a listener, hosts.allow won't stop the
> listening, it'll just break an illegal connection.  For example, if you
> telnet from a machine that is denied, you'll see the connection made and
> then dropped.  That doesn't happen when you attempt to telnet to a windows
> machine.  You just sit there and nothing happens.  That's what you need to
> emulate, and that's what you'll get when you use ipchains rather than
> hosts.allow/deny. 
> 
> Ready for the flames....
> 
> Chip
> 
> On Tue, 8 Aug 2000, John Starkey wrote:
> 
> > Hi again. 
> > 
> > I'm using @home and I think they are detecting a service on my computer and
> > shutting me down, as someone on the list (sorry, I lost that message)
> > mentioned they'd heard they do. I would really like to have ftp for my own
> > use but looks like that's not even possible. DSL it is once I move next
> > month.
> > 
> > But for now I have commented out every service but ftp and telnet,
> > thinking that neither one of those are daemonized. I logged into my box
> > from my iMac last night. So obviously they are tied to a daemon. Does
> > anyone know of a way to shut them down? Better yet, to allow them to only
> > receive requests from 192.168s? I can't log on now. And I can't remember
> > what I changed, obviously something but whatever it was didn't take effect
> > immediately.
> > 
> > I've tried activating everything in /etc/services that I think would be
> > related and nothing worked. So I re-commented them. If it's a combination of
> > things I won't find it tonight. I thought I'd backed up /etc but it's been
> > a while, was waiting til I have everything back to the way I want it.
> > (doing things the hard way again, for learning purposes, (wondering if it's
> > paying off)).
> > 
> > 
> > TIA,
> > 
> > John
> > 
> > 
> > _______________________________________________
> > Web Page:  http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > 
> 