# inetd.conf for gibbs.physics.lsa.umich.edu # # This file describes the services that will be available through the # INETD TCP/IP super server. To re-configure the running INETD # process, edit this file, then send the INETD process a SIGHUP signal. # # @(#) Last Modified: -EAM 09May2000 # # Echo, discard, daytime, and chargen are used primarily for testing. # (Echo and chargen can be used for DoS attacks and so should be disabled) # #echo stream tcp nowait root internal #echo dgram udp wait root internal #discard stream tcp nowait root internal #discard dgram udp wait root internal daytime stream tcp nowait root internal #daytime dgram udp wait root internal #chargen stream tcp nowait root internal #chargen dgram udp wait root internal # Time service is used for clock syncronization BY OTHERS, NOT US # time stream tcp nowait nobody /usr/sbin/tcpd in.timed #time dgram udp wait nobody /usr/sbin/tcpd in.timed # # These are standard services, but be aware that they broadcast # passwords in the clear. # ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a -u022 -t240 telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd # Shell, login, and exec are BSD protocols. Authentication is weak, # so using ssh is prefered. # shell stream tcp nowait root /usr/sbin/tcpd in.rshd -L login stream tcp nowait root /usr/sbin/tcpd in.rlogind #exec stream tcp nowait root /usr/sbin/tcpd in.rexecd talk dgram udp wait root /usr/sbin/tcpd in.talkd ntalk dgram udp wait root /usr/sbin/tcpd in.ntalkd #dtalk stream tcp waut nobody /usr/sbin/tcpd in.dtalkd # Finger, systat and netstat give out user information which may be # valuable to potential "system crackers." Many sites choose to disable # some or all of these services to improve security. # finger stream tcp nowait root /usr/sbin/tcpd in.fingerd #systat stream tcp nowait guest /usr/sbin/tcpd /bin/ps -auwwx #netstat stream tcp nowait guest /usr/sbin/tcpd /bin/netstat # Authentication # auth stream tcp nowait nobody /usr/sbin/in.identd in.identd -l -e -o #################### # Bogus services which will be trapped by tcpd and/or BrerFox # These are things hackers like to scan # TCP: domain stream tcp nowait brerfox /usr/sbin/tcpd /bogus/domain pop-3 stream tcp nowait brerfox /usr/sbin/tcpd /bogus/popper imap stream tcp nowait brerfox /usr/sbin/tcpd /bogus/imapd http stream tcp nowait brerfox /usr/sbin/tcpd /bogus/httpd uucp stream tcp nowait brerfox /usr/sbin/tcpd /bogus/uucpd tcpmux stream tcp nowait brerfox /usr/sbin/tcpd /bogus/tcpmux link stream tcp nowait brerfox /usr/sbin/tcpd /bogus/link supdup stream tcp nowait brerfox /usr/sbin/tcpd /bogus/supdup nntp stream tcp nowait brerfox /usr/sbin/tcpd /bogus/nntp irc stream tcp nowait brerfox /usr/sbin/tcpd /bogus/irc linuxconf stream tcp nowait brerfox /usr/sbin/tcpd /bogus/linuxconf jetdirect stream tcp nowait brerfox /usr/sbin/tcpd /bogus/jetdirect ingreslock stream tcp nowait brerfox /usr/sbin/tcpd /bogus/ingreslock # TCP or UDP? #subseven stream tcp nowait brerfox /usr/sbin/tcpd /bogus/subseven # Only if not running a real sendmail... # smtp stream tcp nowait brerfox /usr/sbin/tcpd /bogus/sendmail ########### # UDP: (this doesn't work as well - and never use twist!) subseven dgram udp nowait.5 brerfox /usr/sbin/tcpd /bogus/subseven netbus dgram udp nowait.5 brerfox /usr/sbin/tcpd /bogus/netbus netbus2 dgram udp nowait.5 brerfox /usr/sbin/tcpd /bogus/netbus backorifice dgram udp nowait.5 brerfox /usr/sbin/tcpd /bogus/backorifice snmp dgram udp nowait.5 brerfox /usr/sbin/tcpd /bogus/snmp # tftp dgram udp wait.5 brerfox /usr/sbin/tcpd /bogus/tftp # bootps dgram udp nowait.5 brerfox /usr/sbin/tcpd /bogus/bootps ## # End of inetd.conf. Beware of stuff added automatically below here. ##