Q. How to tell if my Linux server is using xinetd or inetd service?

Q. How do I kill a process called inetd or foo and restart it so that its configuration file gets updated?

A. Both UNIX and Linux support POSIX reliable signals and POSIX real-time signals. Each signal has a current disposition, which determines how the process behaves when the signal is delivered to it.

Generally, the following command is used (signal 1 is HUP, the same signal that pkill -HUP sends below):
kill -1 process-pid

First, get the PID of inetd:
ps -e | grep inetd
Now force inetd to reread inetd.conf:
kill -1 inetd-pid

You can also use the pkill command to send signals. pkill selects processes by name and allows the use of extended regular expression patterns and other matching criteria.
pkill -HUP process-name

Make syslog reread its configuration file
# pkill -HUP syslogd

Make inetd reread its configuration file
# pkill -HUP inetd

Restrict ssh access using tcpd (TCPWrapper)

tcpd is an access control facility for internet services. The tcpd program can be set up to monitor incoming requests for telnet, finger, ftp, exec, rsh, rlogin, tftp, sshd and other services that have a one-to-one mapping onto executable files. Your sshd server must be configured (compiled) with tcpd support.

You can easily check for tcpd (TCP Wrapper) support with the following command:

# strings $(which sshd)| grep libwrap

libwrap refuse returns

If you get libwrap in the output (as above), you can use tcpd as follows. Open the file /etc/hosts.deny in a text editor. This file lists the hosts/IPs that are not allowed to access the system. In this case you will block sshd (port 22). Let us say you would like to deny access to IPs
# vi /etc/hosts.deny
Add/append the following line to the file:
sshd:
and exit to the shell prompt. Next, make sure your rules are correct with the following command:
# tcpdchk -v

Using network configuration file: /etc/inetd.conf
>>> Rule /etc/hosts.deny line 20:
daemons:  sshd
access:   denied
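
As an added example (not part of the original article), the shell function below lists what a hosts.deny-style file denies for one daemon, which is a quick way to review the sshd rules alongside tcpdchk -v. The names deny_rules_for and sample_hosts_deny, the sample rules and the documentation-range addresses are constructed for illustration; the parser handles comments, continued lines and one level of EXCEPT in the daemon list only.

```shell
#!/bin/sh
# Added example: report the client patterns denied for one daemon.
# Usage: deny_rules_for DAEMON [FILE]   (reads stdin when FILE is omitted)
# Output: "LINE: CLIENTS" for every rule whose daemon list covers DAEMON.
deny_rules_for() {
    awk -v want="$1" '
    /\\$/ { sub(/\\$/, ""); buf = buf $0; next }     # join continued lines
    { line = buf $0; buf = "" }
    line ~ /^[ \t]*#/ || line ~ /^[ \t]*$/ { next }   # comments, blank lines
    {
        n = index(line, ":")
        if (n == 0) { print NR ": MALFORMED (no colon)"; next }
        clients = substr(line, n + 1)   # client list plus any options
        sub(/^[ \t]+/, "", clients); sub(/[ \t]+$/, "", clients)
        cnt = split(substr(line, 1, n - 1), tok, /[ \t,]+/)
        hit = 0; excluding = 0
        for (i = 1; i <= cnt; i++) {
            if (tok[i] == "EXCEPT") { excluding = 1; continue }
            if (!excluding && (tok[i] == want || tok[i] == "ALL")) hit = 1
            if (excluding && tok[i] == want) hit = 0   # "ALL EXCEPT sshd"
        }
        if (!hit) next
        if (clients == "") clients = "EMPTY CLIENT LIST"   # flag for review
        print NR ": " clients
    }' "${2:--}"
}

# Constructed sample rules (addresses are from the documentation ranges).
sample_hosts_deny() {
    cat <<'EOF'
# constructed sample, not a real configuration
sshd: 192.0.2.10, 198.51.100.0/255.255.255.0
in.telnetd: ALL
ALL EXCEPT sshd: 203.0.113.5
sshd, in.ftpd: \
    .example.net
sshd:
EOF
}

# Demo: which clients does the sample deny for sshd?
sample_hosts_deny | deny_rules_for sshd
```

On a real system, pass the file as the second argument, for example deny_rules_for sshd /etc/hosts.deny.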
