Am 25.05.2009 um 19:29 schrieb rembrandt:
This diff would shutdown every service by default (which I consider
good):
--- inetd.conf Mon May 25 18:55:17 2009
+++ inetd.conf.new Mon May 25 18:56:01 2009
@@ -11,12 +11,12 @@
#uucpd stream tcp6 nowait root /usr/libexec/uucpd uucpd
#finger stream tcp nowait _fingerd /usr/libexec/fingerd fingerd
-lsm
#finger stream tcp6 nowait _fingerd /usr/libexec/fingerd fingerd
-lsm
-ident stream tcp nowait _identd /usr/libexec/identd identd
-el
-ident stream tcp6 nowait _identd /usr/libexec/identd identd
-el
+#ident stream tcp nowait _identd /usr/libexec/identd identd
-el
+#ident stream tcp6 nowait _identd /usr/libexec/identd identd
-el
#tftp dgram udp wait root /usr/libexec/tftpd tftpd
-s /tftpboot
#tftp dgram udp6 wait root /usr/libexec/tftpd tftpd
-s /tftpboot
-127.0.0.1:comsat dgram udp wait root /usr/libexec/comsat comsat
-[::1]:comsat dgram udp6 wait root /usr/libexec/comsat comsat
+#127.0.0.1:comsat dgram udp wait root /usr/libexec/comsat
comsat
+#[::1]:comsat dgram udp6 wait root /usr/libexec/comsat comsat
#ntalk dgram udp wait root /usr/libexec/ntalkd ntalkd
#pop3 stream tcp nowait root /usr/sbin/popa3d popa3d
#pop3 stream tcp6 nowait root /usr/sbin/popa3d popa3d
@@ -27,10 +27,10 @@
#discard stream tcp6 nowait root internal
#chargen stream tcp nowait root internal
#chargen stream tcp6 nowait root internal
-daytime stream tcp nowait root internal
-daytime stream tcp6 nowait root internal
-time stream tcp nowait root internal
-time stream tcp6 nowait root internal
+#daytime stream tcp nowait root internal
+#daytime stream tcp6 nowait root internal
+#time stream tcp nowait root internal
+#time stream tcp6 nowait root internal
#echo dgram udp wait root internal
#echo dgram udp6 wait root internal
#discard dgram udp wait root internal
Rembrandt
this does not add any security.
