Re: A question about some network services
One fine day [02.04.2002], Anne Carasik [EMAIL PROTECTED] wrote:

[skip]
> I usually turn off inetd completely. It helps make things quieter on a nessus scan :)

Hei!

How do you do that? I tried the following...

    juku:~# dpkg -l | grep inetd
    ii  netkit-inetd  0.10-9  The Internet Superserver
    juku:~# apt-get remove --purge netkit-inetd
    Reading Package Lists... Done
    Building Dependency Tree... Done
    The following packages will be REMOVED:
      apache* bind* logcheck* logrotate* mailman* mailx* mutt* netbase* netkit-inetd* postfix* postfix-ldap* postfix-pcre*
    0 packages upgraded, 0 newly installed, 12 to remove and 0 not upgraded.
    Need to get 0B of archives. After unpacking 9993kB will be freed.
    Do you want to continue? [Y/n] n
    Abort.

Yikes! I guess, you didn't remove inetd that way, right? But how then?

Namarie!
Juku

--
In the early morning hour, when the pub was closing, my grandpa emptied his tankard, stood up and said his famous words: Couldn't pour water out of a boot with instructions on the heel.
http://juku.kicks-ass.net/
Re: A question about some network services
On Friday 05 April 2002 08:49 am, Juhan Kundla wrote:
> How do you do that? I tried the following...

Not remove - but not start. Remove all references to it from the /etc/rc*.d/ directories so that it doesn't start up anymore. If you are not using any of its services, it's pointless to have it running. But some packages depend on it, so you can't get rid of it.

Jay
Re: A question about some network services
> Yikes! I guess, you didn't remove inetd that way, right? But how then?

I think that you should just turn it off :)
'Don't use' isn't equal to 'wipe it out'

> Namarie!
> Juku

--
Michael carstein Melewski
[EMAIL PROTECTED]
mobile: 502 545 913
gpg: carstein.c.pl/carstein.txt

One day, he said, in a taped segment that suggested chemical interrogation, everything had gone gray.
-- Corto, 'Neuromancer'
Re: A question about some network services
On Fri, Apr 05, 2002 at 08:28:41AM -0600, Jay Kline wrote:
> On Friday 05 April 2002 08:49 am, Juhan Kundla wrote:
> > How do you do that? I tried the following...
>
> Not remove - but not start. Remove all references to it from the /etc/rc*.d/ directories so that it doesn't start up anymore. If you are not using any of its services, it's pointless to have it running. But some packages depend on it, so you can't get rid of it.

Actually, you'll want to leave at least one of the K links: otherwise when you upgrade, inetd will mysteriously be re-enabled. See update-rc.d(8) for details.

--
Nathan Norman - Micromuse Ltd.
mailto:[EMAIL PROTECTED]

Gil-galad was an Elven-king.
Of him the harpers sadly sing:
of the last whose realm was fair and free
between the Mountains and the Sea.
-- The Fellowship of the Ring, J.R.R. Tolkien
Re: A question about some network services
Generally, I just disable the inetd script from the /etc/init.d directory. You never know if you're going to need it.

Removing the package is definitely not the same as disabling it. Michal is right: disable wipe it out :)

-Anne

On Fri, Apr 05, 2002 at 04:31:19PM +0200, Michal Melewski wrote:
> > Yikes! I guess, you didn't remove inetd that way, right? But how then?
>
> I think that you should just turn it off :)
> 'Don't use' isn't equal to 'wipe it out'
>
> > Namarie!
> > Juku
>
> --
> Michael carstein Melewski
> [EMAIL PROTECTED]
> mobile: 502 545 913
> gpg: carstein.c.pl/carstein.txt
>
> One day, he said, in a taped segment that suggested chemical interrogation, everything had gone gray.
> -- Corto, 'Neuromancer'

--
Anne Carasik, System Administrator
[EMAIL PROTECTED]
Center for Advanced Computing Research
Re: A question about some network services
On Fri, Apr 05, 2002 at 04:49:46PM +0200, Juhan Kundla wrote:
> Yikes! I guess, you didn't remove inetd that way, right? But how then?

As root:

    /etc/init.d/inetd stop
    rm /etc/rc?.d/S??inetd

It will not be started again, but the K??inetd links will still be in place so the next upgrade won't override your decisions.

noah

--
Web: http://web.morgul.net/~frodo/
PGP Public Key: http://web.morgul.net/~frodo/mail.html
Re: A question about some network services
Hmm, I don't understand this discussion about disabling inetd; it has its uses. Just fire up your favourite text editor pointed at /etc/inetd.conf and insert a hashmark # in front of every line for a service you don't want to provide to the public.

Best Regards
/Karl

Noah L. Meyerhans wrote:
> On Fri, Apr 05, 2002 at 04:49:46PM +0200, Juhan Kundla wrote:
> > Yikes! I guess, you didn't remove inetd that way, right? But how then?
>
> As root:
>
>     /etc/init.d/inetd stop
>     rm /etc/rc?.d/S??inetd
>
> It will not be started again, but the K??inetd links will still be in place so the next upgrade won't override your decisions.
>
> noah
>
> --
> Web: http://web.morgul.net/~frodo/
> PGP Public Key: http://web.morgul.net/~frodo/mail.html

--
Don't mess with The Penguin
Re: A question about some network services
It only has its uses if you are running any services through it. If you are going to # out all the services in /etc/inetd.conf, why not just shut inetd down altogether? Seems logical to me.

Mark

Karl Breitner wrote:
> Hmm, I don't understand this discussion about disabling inetd; it has its uses. Just fire up your favourite text editor pointed at /etc/inetd.conf and insert a hashmark # in front of every line for a service you don't want to provide to the public.
>
> Best Regards
> /Karl
>
> Noah L. Meyerhans wrote:
> > On Fri, Apr 05, 2002 at 04:49:46PM +0200, Juhan Kundla wrote:
> > > Yikes! I guess, you didn't remove inetd that way, right? But how then?
> >
> > As root:
> >
> >     /etc/init.d/inetd stop
> >     rm /etc/rc?.d/S??inetd
> >
> > It will not be started again, but the K??inetd links will still be in place so the next upgrade won't override your decisions.
> >
> > noah
> >
> > --
> > Web: http://web.morgul.net/~frodo/
> > PGP Public Key: http://web.morgul.net/~frodo/mail.html

--
Mark Drummond
mailto:[EMAIL PROTECTED]
Technojunkie
http://gojuka.dyndns.org/
Face every day with new eyes. - The Deviates
Re: A question about some network services
You are perfectly right Mark, when commenting out all services that is. Still I prefer to keep it running with a minimum of services enabled.

/Karl

Mark Drummond wrote:
> It only has its uses if you are running any services through it. If you are going to # out all the services in /etc/inetd.conf, why not just shut inetd down altogether? Seems logical to me.
>
> Mark
>
> Karl Breitner wrote:
> > Hmm, I don't understand this discussion about disabling inetd; it has its uses. Just fire up your favourite text editor pointed at /etc/inetd.conf and insert a hashmark # in front of every line for a service you don't want to provide to the public.
> >
> > Best Regards
> > /Karl
> >
> > Noah L. Meyerhans wrote:
> > > On Fri, Apr 05, 2002 at 04:49:46PM +0200, Juhan Kundla wrote:
> > > > Yikes! I guess, you didn't remove inetd that way, right? But how then?
> > >
> > > As root:
> > >
> > >     /etc/init.d/inetd stop
> > >     rm /etc/rc?.d/S??inetd
> > >
> > > It will not be started again, but the K??inetd links will still be in place so the next upgrade won't override your decisions.
> > >
> > > noah
> > >
> > > --
> > > Web: http://web.morgul.net/~frodo/
> > > PGP Public Key: http://web.morgul.net/~frodo/mail.html
>
> --
> Mark Drummond
> mailto:[EMAIL PROTECTED]
> Technojunkie
> http://gojuka.dyndns.org/
> Face every day with new eyes. - The Deviates
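An added example (not code from any poster) that audits the two approaches argued over in the messages above: which rc?.d links exist for inetd, and which lines in inetd.conf are still uncommented. It runs against a constructed sample tree; the function names, verdict strings and the S20/K20 link numbers are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# Matches SysV-rc links such as S20inetd or K20inetd.
LINK_RE = re.compile(r"^([SK])\d\dinetd$")

# Constructed sample in inetd.conf layout:
# service  socket-type  protocol  wait/nowait  user  server-program
SAMPLE_INETD_CONF = """\
#echo      stream  tcp  nowait  root  internal
discard    stream  tcp  nowait  root  internal
daytime    stream  tcp  nowait  root  internal
time       stream  tcp  nowait  root  internal
#time      dgram   udp  wait    root  internal
"""


def rc_link_state(root):
    """Classify the inetd links found under <root>/etc/rc?.d."""
    start, kill = [], []
    for rc_dir in sorted((Path(root) / "etc").glob("rc?.d")):
        for entry in sorted(rc_dir.iterdir()):
            match = LINK_RE.match(entry.name)
            if match:
                bucket = start if match.group(1) == "S" else kill
                bucket.append(f"{rc_dir.name}/{entry.name}")
    if start:
        verdict = "starts-at-boot"   # an S link is still present
    elif kill:
        verdict = "disabled"         # only K links: update-rc.d leaves them alone
    else:
        verdict = "no-links"         # nothing left: an upgrade can recreate defaults
    return verdict, start, kill


def active_services(conf_text):
    """Return (service, protocol, server) for every uncommented entry."""
    services = []
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue                 # a leading hashmark disables the entry
        fields = line.split()
        if len(fields) >= 6:
            services.append((fields[0], fields[2], fields[5]))
    return services


def audit(root):
    """Combine both checks for one filesystem root."""
    verdict, start, kill = rc_link_state(root)
    conf = Path(root) / "etc" / "inetd.conf"
    services = active_services(conf.read_text()) if conf.exists() else []
    return {"verdict": verdict, "start_links": start,
            "kill_links": kill, "offered_if_running": services}


def build_sample_root(root, start=True, kill=True):
    """Create a constructed /etc tree; the flags choose which links exist."""
    root = Path(root)
    (root / "etc" / "init.d").mkdir(parents=True)
    (root / "etc" / "init.d" / "inetd").write_text("#!/bin/sh\n")
    (root / "etc" / "inetd.conf").write_text(SAMPLE_INETD_CONF)
    for level in "0123456":
        rc_dir = root / "etc" / f"rc{level}.d"
        rc_dir.mkdir()
        stop_level = level in "016"
        if stop_level and kill:
            (rc_dir / "K20inetd").symlink_to("../init.d/inetd")
        if not stop_level and start:
            (rc_dir / "S20inetd").symlink_to("../init.d/inetd")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        cases = {
            "fresh install": build_sample_root(Path(tmp) / "a"),
            "S links removed": build_sample_root(Path(tmp) / "b", start=False),
            "all links removed": build_sample_root(Path(tmp) / "c", False, False),
        }
        for label, root in cases.items():
            result = audit(root)
            names = [s[0] for s in result["offered_if_running"]]
            print(f"{label}: {result['verdict']}; uncommented: {names}")
```
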
Re: A question about some network services
On Fri, Apr 05, 2002 at 04:31:19PM +0200, Michal Melewski remarked:
> > Yikes! I guess, you didn't remove inetd that way, right? But how then?
>
> I think that you should just turn it off :)
> 'Don't use' isn't equal to 'wipe it out'

I have found the 'rcconf' utility to be very helpful in these cases :)

Cheers
Raymond
Re: A question about some network services
First of all thanks to all for responses.

On Wed, 2002-04-03 at 20:22, Holger Eitzenberger wrote:
> On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
> > > 'time' is RFC 868, a pre-NTP time synchronization protocol. It just sends the time as a 32-bit int, where:
> > >
> > >     The time is the number of seconds since 00:00 (midnight) 1 January 1900 GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this base will serve until the year 2036.
> > >
> > > I think it sends it big-endian, but I'm not sure.
> >
> > Is it used by the old rdate tools?

Old rdate tools? I use them regularly to update my servers with the current time; is it more convenient to install an NTP server on my local network?

Thanks.

> Indeed. It's quite useful if you don't have an NTP server at hand, e.g. behind a firewall. It's not ok if you need accuracy of less than 1 sec.
>
> /Holger
>
> --
> ++ GnuPG Key - http://www.t-online.de/~holger.eitzenberger ++

--
Ivo Marino [EMAIL PROTECTED]
UN*X Developer, running Debian GNU/Linux
irc.OpenProjects.net #debian
http://eimbox.org/~eim http://eimbox.org
Re: A question about some network services
rdate is probably easier to use. ntp requires at least a little configuration, but it is more accurate.

xn

On Thu, Apr 04, 2002 at 06:56:30PM +0200, eim wrote:
> First of all thanks to all for responses.
>
> On Wed, 2002-04-03 at 20:22, Holger Eitzenberger wrote:
> > On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
> > > > 'time' is RFC 868, a pre-NTP time synchronization protocol. It just sends the time as a 32-bit int, where:
> > > >
> > > >     The time is the number of seconds since 00:00 (midnight) 1 January 1900 GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this base will serve until the year 2036.
> > > >
> > > > I think it sends it big-endian, but I'm not sure.
> > >
> > > Is it used by the old rdate tools?
>
> Old rdate tools? I use them regularly to update my servers with the current time; is it more convenient to install an NTP server on my local network?
>
> Thanks.
>
> > Indeed. It's quite useful if you don't have an NTP server at hand, e.g. behind a firewall. It's not ok if you need accuracy of less than 1 sec.
> >
> > /Holger
> >
> > --
> > ++ GnuPG Key - http://www.t-online.de/~holger.eitzenberger ++
>
> --
> Ivo Marino [EMAIL PROTECTED]
> UN*X Developer, running Debian GNU/Linux
> irc.OpenProjects.net #debian
> http://eimbox.org/~eim http://eimbox.org
Re: A question about some network services
On Tue, Apr 02, 2002 at 01:34:32PM -0500, Noah L. Meyerhans wrote:
> > Well, daytime spits out the time of day, time is for NTP, and I'm not sure what discard is used for.
>
> No, NTP does not use the time port. It uses port 123 (ntp in /etc/services).

Ok, figures I don't know since I don't use it.

> Discard is the network equivalent of /dev/null

W.. an MTU of zero :)

> The question of what to do with these ports comes up every once in a while on this list. Some people prefer to leave them on, others turn them off. I don't think there's ever been an exploit that involves these ports, as the code is quite simple (i.e. easy to implement securely). Occasionally, there may be a DOS attack, but nothing invasive.
>
> > I usually turn off inetd completely. It helps make things quieter on a nessus scan :)
>
> Yes, this is good advice, and something that never occurs to most people. Most common services these days run quite happily in standalone mode, so there's often no reason to use inetd at all.

Given most everything can run through SSH or SSL (at least TCP-based) :)

-Anne

--
Anne Carasik, System Administrator
[EMAIL PROTECTED]
Center for Advanced Computing Research
Re: A question about some network services
On Thu, Apr 04, 2002 at 06:56:30PM +0200, eim wrote:
> First of all thanks to all for responses.
>
> On Wed, 2002-04-03 at 20:22, Holger Eitzenberger wrote:
> > On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
> > > > 'time' is RFC 868, a pre-NTP time synchronization protocol. It just sends the time as a 32-bit int, where:
> > > >
> > > >     The time is the number of seconds since 00:00 (midnight) 1 January 1900 GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this base will serve until the year 2036.
> > > >
> > > > I think it sends it big-endian, but I'm not sure.
> > >
> > > Is it used by the old rdate tools?
>
> Old rdate tools? I use them regularly to update my servers with the current time; is it more convenient to install an NTP server on my local network?
>
> Thanks.

Sorry, that's not what I wanted to say. Just rdate is a well known tool because it's an old tool (tcp/ip is old too, and we use it every day ;-)

When to use ntp/rdate: well, it depends... :-)

--
Easter-eggs Spécialiste GNU/Linux
44-46 rue de l'Ouest - 75014 Paris - France - Métro Gaité
Phone: +33 (0) 1 43 35 00 37 - Fax: +33 (0) 1 41 35 00 76
mailto:[EMAIL PROTECTED] - http://www.easter-eggs.com
Re: A question about some network services
Anne Carasik [EMAIL PROTECTED] writes:

> > The question of what to do with these ports comes up every once in a while on this list. Some people prefer to leave them on, others turn them off. I don't think there's ever been an exploit that involves these ports, as the code is quite simple (i.e. easy to implement securely). Occasionally, there may be a DOS attack, but nothing invasive.

Depends. I thought it was an old trick to persuade echo ports to talk to each other and run away giggling...

> > Yes, this is good advice, and something that never occurs to most people. Most common services these days run quite happily in standalone mode, so there's often no reason to use inetd at all.
>
> Given most everything can run through SSH or SSL (at least TCP-based) :)

The short reasons in favour of inetd are that

a) you save memory space by not having the daemon running all the time (at the slight cost of latency on start-up - choose according to your situation!);

b) (if using xinetd instead of boring old inetd) you can apply the same syntax for per-host rate- and resource-limiting to many services that would otherwise either require much research to implement (try exim and apache for size), or not even implement it at all;

c) if you're writing a network listener of your own you can implement it in (x)inetd without having to worry about writing the regular listen-accept-process loop *again*.

Not that it's *always* a good idea to use inetd, but it still has its plus-points by a long way, especially xinetd instead.

~Tim

--
http://spodzone.org.uk/
Re: A question about some network services
On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
> > 'time' is RFC 868, a pre-NTP time synchronization protocol. It just sends the time as a 32-bit int, where:
> >
> >     The time is the number of seconds since 00:00 (midnight) 1 January 1900 GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this base will serve until the year 2036.
> >
> > I think it sends it big-endian, but I'm not sure.
>
> Is it used by the old rdate tools?

Indeed. It's quite useful if you don't have an NTP server at hand, e.g. behind a firewall. It's not ok if you need accuracy of less than 1 sec.

/Holger

--
++ GnuPG Key - http://www.t-online.de/~holger.eitzenberger ++
Re: A question about some network services
On Tue, Apr 02, 2002 at 11:49:53AM -0700, Will Aoki wrote:

> On Tue, Apr 02, 2002 at 10:23:21AM -0800, Anne Carasik wrote:
>> On Tue, Apr 02, 2002 at 07:45:21PM +0200, eim wrote:
>>> A question about some network services
>>> ==
>>>
>>> Hallo Debian folks,
>>>
>>> By default, on my debian boxes, I disable these network services which are enabled automatically during a fresh Debian stable aka potato installation:
>>>
>>> * daytime
>>> * time
>>> * discard
>>>
>>> All these services are started from inet.d / xinet.d so I can easily disable them via update-inetd, so my only question is:
>>>
>>> Why are these services enabled by default and for 'what' exactly do we need them?
>>
>> Well, daytime spits out the time of day, time is for NTP, and I'm not sure what discard is used for.
>
> 'time' is RFC 868, a pre-NTP time synchronization protocol. It just sends the time as a 32-bit int, where:
>
>     The time is the number of seconds since 00:00 (midnight) 1 January 1900 GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this base will serve until the year 2036.
>
> I think it sends it big-endian, but I'm not sure.

Is it used by the old rdate tools?

--
Easter-eggs Spécialiste GNU/Linux
44-46 rue de l'Ouest - 75014 Paris - France - Métro Gaité
Phone: +33 (0) 1 43 35 00 37 - Fax: +33 (0) 1 41 35 00 76
mailto:[EMAIL PROTECTED] - http://www.easter-eggs.com
A question about some network services
A question about some network services
==

Hallo Debian folks,

By default, on my debian boxes, I disable these network services which are enabled automatically during a fresh Debian stable aka potato installation:

* daytime
* time
* discard

All these services are started from inet.d / xinet.d so I can easily disable them via update-inetd, so my only question is:

Why are these services enabled by default and for 'what' exactly do we need them?

Thanks to anyone for help and suggestions!

Have a nice time,

- Ivo

--
»« »« »« »« »« »« »« »« »« »« »« »« »« »« »«
Ivo Marino [EMAIL PROTECTED]
UN*X Developer, running Debian GNU/Linux
irc.OpenProjects.net #debian
http://eimbox.org/~eim http://eimbox.org
»« »« »« »« »« »« »« »« »« »« »« »« »« »« »«
Re: A question about some network services
On Tue, Apr 02, 2002 at 07:45:21PM +0200, eim wrote:

> A question about some network services
> ==
>
> Hallo Debian folks,
>
> By default, on my debian boxes, I disable these network services which are enabled automatically during a fresh Debian stable aka potato installation:
>
> * daytime
> * time
> * discard
>
> All these services are started from inet.d / xinet.d so I can easily disable them via update-inetd, so my only question is:
>
> Why are these services enabled by default and for 'what' exactly do we need them?

Well, daytime spits out the time of day, time is for NTP, and I'm not sure what discard is used for.

I usually turn off inetd completely. It helps make things quieter on a nessus scan :)

-Anne
--
Anne Carasik, System Administrator
[EMAIL PROTECTED]
Center for Advanced Computing Research
Re: A question about some network services
[snips:]

Anne Carasik wrote:

> On Tue, Apr 02, 2002 at 07:45:21PM +0200, eim wrote:
>> A question about some network services
>> ==
>> ...
>
> Well, daytime spits out the time of day, time is for NTP, and I'm not sure what discard is used for.

It is the network bit bucket.

--
Jereme Corrado [EMAIL PROTECTED]
Network Administrator
Restorative Management Corp.
gpg: 1024D/9C39E1F0: 8178 3293 4D36 0012 2FAC 8A2B 4767 A3AB 9C39 E1F0
Education is a better safeguard of liberty than a standing army. --Edward Everett
Re: A question about some network services
On Tue, Apr 02, 2002 at 10:23:21AM -0800, Anne Carasik wrote:

> Well, daytime spits out the time of day, time is for NTP, and I'm not sure what discard is used for.

No, NTP does not use the time port. It uses port 123 (ntp in /etc/services).

Discard is the network equivalent of /dev/null

The question of what to do with these ports comes up every once in a while on this list. Some people prefer to leave them on, others turn them off. I don't think there's ever been an exploit that involves these ports, as the code is quite simple (i.e. easy to implement securely).

> I usually turn off inetd completely. It helps make things quieter on a nessus scan :)

Yes, this is good advice, and something that never occurs to most people. Most common services these days run quite happily in standalone mode, so there's often no reason to use inetd at all.

noah
--
Web: http://web.morgul.net/~frodo/
PGP Public Key: http://web.morgul.net/~frodo/mail.html
Re: A question about some network services
On Tue, Apr 02, 2002 at 10:23:21AM -0800, Anne Carasik wrote:

> On Tue, Apr 02, 2002 at 07:45:21PM +0200, eim wrote:
>> A question about some network services
>> ==
>>
>> Hallo Debian folks,
>>
>> By default, on my debian boxes, I disable these network services which are enabled automatically during a fresh Debian stable aka potato installation:
>>
>> * daytime
>> * time
>> * discard
>>
>> All these services are started from inet.d / xinet.d so I can easily disable them via update-inetd, so my only question is:
>>
>> Why are these services enabled by default and for 'what' exactly do we need them?
>
> Well, daytime spits out the time of day, time is for NTP, and I'm not sure what discard is used for.

'time' is RFC 868, a pre-NTP time synchronization protocol. It just sends the time as a 32-bit int, where:

    The time is the number of seconds since 00:00 (midnight) 1 January 1900 GMT, such that the time 1 is 12:00:01 am on 1 January 1900 GMT; this base will serve until the year 2036.

I think it sends it big-endian, but I'm not sure.

--
William Aoki [EMAIL PROTECTED]
3B0A 6800 8A1A 78A7 9A26 BB92 9A26 BB92 6329 2D3E 199D 8C7B
ASCII Ribbon Campaign: No HTML in mail or news!
Re: A question about some network services
On Tue, Apr 02, 2002 at 07:45:21PM +0200, eim wrote:

> All these services are started from inet.d / xinet.d so I can easily disable them via update-inetd, so my only question is:

And *that's* the problem; update-inetd. I've run into this myself, too, and the solution is to not use update-inetd as a daily administration tool, or to modify its default behavior a bit. The manpage does actually cover this, but toward the bottom:

    EXAMPLES
        You've installed ssh (secure encrypting remote shell) and wish to disable its unencrypted cousins:

            update-inetd --comment-chars '#' --disable login,shell,exec,telnet

        Using a single '#' character as a comment-char prevents update-inetd to reenable the services on package upgrades.

Without the --comment-chars flag, update-inetd is really only useful as a tool in the context of a package install/upgrade/removal.

--
Mike Renfro / RD Engineer, Center for Manufacturing Research, 931 372-3601 / Tennessee Technological University -- [EMAIL PROTECTED]
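An added example, not part of Mike's message and not code from update-inetd: a small Python audit of an inetd.conf that separates entries commented out with a plain '#' from those carrying update-inetd's default '#<off># ' marker, and flags the small services named in this thread that are still enabled. The sample file, function names and finding texts are constructed for illustration.

```python
SOCK_TYPES = {"stream", "dgram", "raw", "rdm", "seqpacket"}
OFF_MARKER = "#<off>#"  # update-inetd's default prefix when --comment-chars is not given
SMALL_SERVICES = {"echo", "discard", "daytime", "time"}  # the ones named in this thread

# Constructed sample, not taken from a real host.
SAMPLE_CONF = """\
#:INTERNAL: Internal services
#echo     stream tcp nowait root internal
discard   stream tcp nowait root internal
daytime   stream tcp nowait root internal
#<off># time   stream tcp nowait root internal
#<off># telnet stream tcp nowait telnetd.telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd
# login   stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rlogind
"""


def parse_entry(line):
    """Return (state, fields) for a service entry, or None for blanks and real comments."""
    text = line.strip()
    if text.startswith(OFF_MARKER):
        state, text = "off-by-update-inetd", text[len(OFF_MARKER):]
    elif text.startswith("#"):
        state, text = "off-by-admin", text.lstrip("#")
    else:
        state = "enabled"
    fields = text.split()
    # A service entry has at least: name, socket type, protocol, wait flag, user, server.
    if (len(fields) < 6 or fields[1] not in SOCK_TYPES
            or not fields[3].startswith(("wait", "nowait"))):
        return None
    return state, fields


def audit(conf_text):
    """List every service entry in the file together with how it is enabled or disabled."""
    report = []
    for line in conf_text.splitlines():
        parsed = parse_entry(line)
        if parsed is not None:
            state, f = parsed
            report.append({"service": f[0], "proto": f[2], "state": state, "server": f[5]})
    return report


def findings(report):
    """Turn the audit into the two kinds of finding this thread cares about."""
    out = []
    for e in report:
        name = "%s/%s" % (e["service"], e["proto"])
        if e["state"] == "enabled" and e["service"] in SMALL_SERVICES:
            out.append(name + ": small service is listening")
        elif e["state"] == "off-by-update-inetd":
            # Per the manpage excerpt above, only a plain '#' survives package upgrades.
            out.append(name + ": disabled with the default marker, an upgrade may re-enable it")
    return out


if __name__ == "__main__":
    for finding in findings(audit(SAMPLE_CONF)):
        print(finding)
```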
Re: A question about some network services
On Tue, 2 Apr 2002, Anne Carasik wrote:

> On Tue, Apr 02, 2002 at 07:45:21PM +0200, eim wrote:
>> A question about some network services
>> ==
>>
>> Hallo Debian folks,
>>
>> By default, on my debian boxes, I disable these network services which are enabled automatically during a fresh Debian stable aka potato installation:
>>
>> * daytime
>> * time
>> * discard

Very simple.. play with telnet :-)

[EMAIL PROTECTED]:~$ telnet 0 daytime
Trying 0.0.0.0...
Connected to 0.0.0.0.
Escape character is '^]'.
Tue Apr 2 13:24:03 2002
Connection closed by foreign host.

--- Conclusion: daytime is used to see the time in a remote machine.

[EMAIL PROTECTED]:~$ telnet 0 discard
Trying 0.0.0.0...
Connected to 0.0.0.0.
Escape character is '^]'.
test
hello
blah
^]
telnet quit

--- Conclusion: As the name said, it's used for a test I think... He simply ignores all your words.

[EMAIL PROTECTED]:~$ telnet 0 time
Trying 0.0.0.0...
Connected to 0.0.0.0.
Escape character is '^]'.
ÀTvNConnection closed by foreign host.

--- Conclusion: It's used by a program... such as NTP, because the output is not comprehensive for us.

Eric
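An added example, not part of any post in this thread: decoding an RFC 868 reply in Python, using the four characters that the `telnet 0 time` session above printed and the 1900 base quoted from the RFC earlier in the thread. It assumes the archive rendered the raw reply bytes as Latin-1 (so 'ÀTvN' is C0 54 76 4E); the function names are hypothetical.

```python
from datetime import datetime, timedelta, timezone

EPOCH_1900 = datetime(1900, 1, 1, tzinfo=timezone.utc)  # RFC 868 time zero
UNIX_EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)
ERA = timedelta(seconds=2 ** 32)  # the 32-bit counter wraps in February 2036

# Constructed from the thread: the characters printed by "telnet 0 time",
# assumed to be the reply bytes shown as Latin-1 (C0 54 76 4E).
CAPTURED = "\u00c0TvN".encode("latin-1")


def decode_time_reply(payload, byteorder="big", not_before=UNIX_EPOCH):
    """Turn a 4-byte RFC 868 reply into an aware UTC datetime.

    not_before is the earliest date the caller accepts; readings below it are
    moved forward by whole 2**32-second eras, which handles the 2036 wrap.
    """
    if len(payload) != 4:
        raise ValueError("expected 4 bytes, got %d" % len(payload))
    seconds = int.from_bytes(payload, byteorder)
    when = EPOCH_1900 + timedelta(seconds=seconds)
    while when < not_before:
        when += ERA
    return when


def plausible_byte_orders(payload, reference, tolerance=timedelta(days=1)):
    """Return the byte orders whose reading lies within tolerance of reference."""
    orders = []
    for order in ("big", "little"):
        reading = decode_time_reply(payload, order, not_before=EPOCH_1900)
        if abs(reading - reference) <= tolerance:
            orders.append(order)
    return orders


def clock_offset(payload, local_now):
    """Whole seconds the server is ahead of local_now (negative if behind).

    The protocol carries whole seconds only, so this is good to about a second.
    """
    return int((decode_time_reply(payload) - local_now).total_seconds())


if __name__ == "__main__":
    print(decode_time_reply(CAPTURED).isoformat())
    print(plausible_byte_orders(CAPTURED, datetime(2002, 4, 2, 12, tzinfo=timezone.utc)))
```

Read big-endian, the bytes give 2002-04-02 18:26:22 UTC, the day of the post; read little-endian they give a date in 1941.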