Thanks to Chris Cariffe, David Kovar, Jonathan Loh, Martin Baldenegro,
Eric Pancer, Scott Morris, and Bruce Cheng who provided insight into this
issue (and pointed me to an excellent Solaris Security web site:
www.sunworld.com/common/security-faq.html ) !!!
The original Q:
I am trying to comment out all of the unnecessary lines in
/etc/inetd.conf on a Solaris 2.5.1 box. However, I do not know what some of
the services are, and I do not want to stop any processes which are required
for the system to run properly. Here is a list of the services I am unsure
about. Would you please let me know if I may safely comment these out?
name - Tnamed serves the obsolete IEN-116 name server protocol
time - clock syncronization
echo - testing
discard - testing
daytime - testing
chargen - testing
100232/10 - Solstice system and network administration class agent server
rquotad/1 - UFS disk quotas for NFS clients
sprayd/1 - testing
rstatd/2-4 - Perfmeter
100083/1 - Sun Tooltalk Database server
100221/1 - Sun KCMS Profile Server
fs - Sun Font Server
dtspc - Sun Font Server
100068/2-5 - Sun Font Server
Thanks a million!!!
The opinions differed a bit, but I did some testing with these
recommendations and left only the following in /etc/inetd.conf:
ftp (wu-ftp with tcp wrappers)
telnet (with tcp wrappers)
time (we use NTP to sync system clocks)
I sent a kill -1 to the inetd process and tested to see if necessary items
functioned, they did.
Thanks again to all!
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:46 CDT