On Tuesday 25 June 2002 12:33 am, Sudhakar Chandra wrote: > > 1. Can we change the default port binding to a > > particluar service for more security like changing the > > default port of telnet which is 23 to say 1024? > > Sure. You'll have to hack telnetd (the telnet daemon) to listen at port > 1024. In all probability, you can probably change it by changing telnetd's > configuration. Remember that your telnet client would have to telnet to > port 1024 and not 23.
I think this can be done by just adjusting /etc/services. Most likely xinetd (or inetd) does a getservbyname() call to determine the port number rather than hard code the port number. Though the number 23 would be hard coded in case this call fails. > In reality this is not security. It is obfuscation. However, with tools like nmap, you don't even get decent obfuscation :-( > > 2. Can a Linux machine or any machine for that matter > > work without a loopback interface(lo) defined in its > > kernel or relevant networking files? > > Why? The loopback interface does not take space or resources worth > mentioning. In theory it should be possible. But in practice there would > be services on your machine which assume loopback is present. IMO, a variety of software take loopback, /dev/null, /etc/passwd etc. for granted. It would be courting disaster if you were to remove/rename any of these from your system. Still, if the OP wants to try it, start off by doing ifconfig lo down. Then see what all breaks. > > 5. What is the need of ip addresses in an > > internetworking system if MAC addresses can be > > uniquely used to indentify a particular machine or an > > interface? > > What about a machine whose network cards fails for some reason? When you > replace the network card, there is a new MAC address. If there were no IP > addresses, this would mean that people would be trying to reach the old MAC > address (while your DNS changes are propogating). > > Also, what about machines that connect to the internet through something > other than an ethernet card? Let us say I have a machine that uses a token > ring card. Or what about when I dial up into my ISP through a modem. A > modem does not have a MAC address as far as I know. Good point. I was also thinking of the IP based virtual hosting some of the old providers do. Binand ------------------------------------------------------- Sponsored by: ThinkGeek at http://www.ThinkGeek.com/ _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
