Linux services
This presentation is the property of its rightful owner.
Sponsored Links
1 / 16

Linux Services PowerPoint PPT Presentation


  • 117 Views
  • Uploaded on
  • Presentation posted in: General

Linux Services. Muhammad Amer. xinetd Programs. In computer networking, xinetd, the eXtended InterNET Daemon, is an open-source super-server daemon which runs on many Unix-like systems and manages Internet-based connectivity.

Download Presentation

Linux Services

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Linux services

Linux Services

Muhammad Amer


Xinetd programs

xinetd Programs

  • In computer networking, xinetd, the eXtended InterNET Daemon, is an open-source super-server daemon which runs on many Unix-like systems and manages Internet-based connectivity.

  • The xinetd RPM is installed by default in Fedora/Redhat Linux and uses /etc/xinetd.conf as its main configuration file.

  • In Unix and other computer multitasking operating systems, a daemon ( or ) is a computer program that runs in the background, rather than under the direct control of a user; they are usually initiated as background processes. ...


Controlling xinetd

Controlling xinetd

  • The starting and stopping of the xinetd daemon is controlled by the by scripts in the /etc/init.d directory and it is behavior at boot time is controlled by chkconfig.

  • You can start/stop/restart xinetd after booting by using the following commands:

  • To get xinetd configured to start at boot you can use the chkconfig command.

[[email protected] tmp]# service xinetd start

[[email protected] tmp]# service xinetd stop

[[email protected] tmp]# service xinetd restart

[[email protected] tmp]# chkconfig xinetd on


Controlling xinetd managed applications

Controlling xinetd-Managed Applications

  • Xinetd-managed applications all store their configuration files in the /etc/xinetd.d directory.

  • Each configuration file has a disable statement that can set to yes or no. This governs whether xinetd is allowed to start them or not.

  • You don't have to edit these files to activate or deactivate the application. The chkconfig command does that automatically will also stops or starts the application accordingly too


Telnet server and client

Telnet Server and Client


Telnet

Telnet

  • Telnet is a program that allows users to log into server and get a command prompt just as if they were logged into the VGA console.

  • The Telnet server RPM is installed and disabled by default on Fedora Linux.

  • One of the disadvantages of Telnet is that the data is sent as clear text.

  • A more secure method for remote logins would be via Secure Shell (SSH) which uses varying degrees of encryption.

  • The older Telnet application remains popular. Many network devices don't have SSH clients, making telnet the only means of accessing other devices and servers from them


Installing the telnet server software

Installing The Telnet Server Software

  • Older versions of RedHat had the Telnet server installed by default. Fedora Linux does not

    • you will have to install it yourself.

  • Most Linux software products are available in a precompiled package format. Downloading and installing packages

  • When searching for the file, the Telnet server RPM's filename usually starts with the word "telnet-server" followed by a version number as in telnet-server-0.17-28.i386.rpm.


Setting up a telnet server

Setting Up A Telnet Server

  • To set up a Telnet server use the chkconfig command to activate Telnet.

  • Use the chkconfig command to deactivate telnet, even after the next reboot.

[[email protected] tmp]# chkconfig telnet on

[[email protected] tmp]# chkconfig telnet off


Let telnet listen on another tcp port

Let Telnet Listen On Another TCP Port

  • Letting telnet run on an alternate TCP port does not encrypt the traffic, but it makes it less likely to be detected as telnet traffic.

  • Remember that this is not a foolproof strategy; good port scanning programs can detect telnet and other applications running on alternative ports.


Let telnet listen on another tcp port1

Let Telnet Listen On Another TCP Port

  • Edit /etc/services file and add an entry for a new service. Call it stelnet.

  • Copy the telnet configuration file called /etc/xinetd.d/telnet and call it /etc/xinetd.d/stelnet:

# Local services

stelnet 7777/tcp # "secure" telnet

[[email protected] tmp]# cp /etc/xinetd.d/telnet /etc/xinetd.d/stelnet


Let telnet listen on another tcp port2

Let Telnet Listen On Another TCP Port

  • Edit the new /etc/xinetd.d/stelnet file. Make the new service stelnet and add a port statement for TCP port 7777.

  • Use chkconfig to activate stelnet.

# default: on

# description: The telnet server serves telnet sessions

# unencrypted username/password pairs for authentication.

service stelnet

{

flags = REUSE

socket_type = stream

wait = no

user = root

server = /usr/sbin/in.telnetd

log_on_failure += USERID

disable = no

port = 7777

}

[[email protected] tmp]# chkconfig stelnet on


Let telnet allow connections from trusted addresses

Let Telnet Allow Connections From Trusted Addresses

  • Root can restrict telnet logins access to individual remote servers by using the only_from keyword in the telnet configuration file.

  • Add a list of trusted servers to the /etc/xinetd.d/telnet file separated by spaces:

  • Restart telnet by

service telnet

{

flags = REUSE

socket_type = stream

wait = no

user = root

server = /usr/sbin/in.telnetd

log_on_failure += USERID

disable = no

only_from = 192.168.1.100127.0.0.1192.168.1.200

}

#chkconfig telnet off

#chkconfig telnet on


Debian ubuntu

Debian / Ubuntu

  • In Debian / Ubuntu, the Telnet server runs using the inetd, not the xinetd daemon, and uses a single /etc/inetd.conf configuration to manage the activation of the daemons it controls.

  • To stop Telnet you need only to edit the configuration file, comment out the Telnet server line, and restart inetd as seen in this example:


Linux services

  • [email protected]:~# vi /etc/inetd.conf ... ... ... # # File: /etc/inetd.conf #

  • #telnet stream tcp nowait telnetd.telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd ... ... ... [email protected]:~# /etc/init.d/inetd restart * Restarting internet superserver... ...done. [email protected]:~# netstat -a | grep telnet [email protected]:~#


Linux services

Note

  • The xinetd package provides much more flexibility than its inetd equivalent.

  • xinetd allows you to restrict connections to specific source IP addresses and allows you to specify the TCP port and server IP address on which to listen. You may want to convert your system to use the xinetd package for Telnet by installing xinetd and creating your own custom /etc/xinetd.d/telnet configuration file. The rest of the examples in this chapter assume that the more versatile xinetd is being used.


Linux services

  • You can test whether the Telnet process is running with the following command which is used to check the TCP/UDP ports on which your server is listening, if it isn't running then there will be no response.

  • [[email protected] tmp]# netstat -a | grep telnet tcp 0 0 *:telnet *:* LISTEN [[email protected] tmp]#


  • Login