Hello,

On Tue, Jan 25, 2000 at 11:22:23AM -0500, Nicholas Tang wrote:
> Is it possible to bind inetd to a specific ip address/ethernet card under
> linux? I haven't been able to find any info myself, but the reason I
> ask is because I currently am running a nameserver that has two network
> cards.

No, the standard inetd can't do that. You have to use xinetd. If you use
xinetd, you can specify the listen address for every service.

> I bound ssh to the first card and am running xntpd on there as well (does
> that have to actually bind to a port? Is there any way to stop that? If
> not is there any way to at least limit it to one card/ip? Would I be
> better off just running ntpdate once an hour?) and then I'm running
> Portsentry on the box to watch for any suspicious activity.

You can't restrict xntpd to bind to every interface. You have to configure
the kernel packet filter with ipchains.

> Here's how a netstat -na looks:
>
> [root@thisbox /root]# netstat -na
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local Address           Foreign Address         State
> tcp        0      0 199.2.242.x:22          199.2.242.z:1092        ESTABLISHED
> tcp        0      0 199.2.242.x:22          0.0.0.0:*               LISTEN
> tcp        0      0 199.2.242.y:53          0.0.0.0:*               LISTEN
> udp        0      0 199.2.242.y:123         0.0.0.0:*
> udp        0      0 199.2.242.x:123         0.0.0.0:*
> udp        0      0 127.0.0.1:123           0.0.0.0:*
> udp        0      0 0.0.0.0:123             0.0.0.0:*
> udp        0    304 0.0.0.0:1024            0.0.0.0:*
> udp        0      0 199.2.242.y:53          0.0.0.0:*
> raw        0      0 0.0.0.0:17              0.0.0.0:*               7
> raw        0      0 0.0.0.0:6               0.0.0.0:*               7
> raw        0      0 0.0.0.0:1               0.0.0.0:*               7
> raw        0      0 0.0.0.0:6               0.0.0.0:*               7
> Active UNIX domain sockets (servers and established)
> Proto RefCnt Flags       Type       State         I-Node Path
> unix  0      [ ACC ]     STREAM     LISTENING     456    /dev/gpmctl
> unix  0      [ ACC ]     STREAM     LISTENING     364    /var/run/ndc
> unix  4      [ ]         DGRAM                    299    /dev/log
> unix  1      [ ]         DGRAM                    301    /var/named/dev/log
> unix  0      [ ]         DGRAM                    2558
> unix  0      [ ]         DGRAM                    467
> unix  0      [ ]         DGRAM                    410
> unix  0      [ ]         DGRAM                    362
> unix  0      [ ]         DGRAM                    315
> [root@thisbox /root]#
>
> Any ideas on anything else I can clean up? Also, I don't mean to sound
> ignorant but anyone have any idea what's listening on 1024, 1, 6, and
> 17? It's a Redhat 6.0 box, if that helps.

1024/udp may be the query address of the bind. Try ``netstat -nap'' or
``lsof''; these utilities write the name of the programs holding sockets.
In this case you can use ``fuser -n udp 1024'' to get the process id
holding this socket.

Zoltan BORBELY
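One way to act on the advice in this reply, as an added example that is not from the thread: a small POSIX shell audit that reads `netstat -na` (or `netstat -nap`) output and lists every listener bound to the wildcard address 0.0.0.0, i.e. the sockets that are not tied to one card. The sample listing is constructed from the masked addresses quoted in the post; the function and variable names are this example's own.

```shell
#!/bin/sh
# Constructed sample modelled on the netstat -na listing quoted in the thread
# (masked addresses kept as in the post); this is not output from the poster's box.
SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 199.2.242.x:22          199.2.242.z:1092        ESTABLISHED
tcp        0      0 199.2.242.x:22          0.0.0.0:*               LISTEN
tcp        0      0 199.2.242.y:53          0.0.0.0:*               LISTEN
udp        0      0 199.2.242.y:123         0.0.0.0:*
udp        0      0 199.2.242.x:123         0.0.0.0:*
udp        0      0 127.0.0.1:123           0.0.0.0:*
udp        0      0 0.0.0.0:123             0.0.0.0:*
udp        0    304 0.0.0.0:1024            0.0.0.0:*'

# Read netstat -na / -nap text on stdin and print one line per listening
# socket bound to the wildcard address 0.0.0.0, as "proto port owner".
# With -nap the owner is the PID/Program column; without it "-" is printed.
# TCP sockets count only in LISTEN state; every UDP socket is a listener.
wildcard_listeners() {
    awk '
        function port(a) { sub(/.*:/, "", a); return a }
        $1 == "tcp" && $4 ~ /^0\.0\.0\.0:/ && $6 == "LISTEN" {
            print $1, port($4), (NF >= 7 ? $7 : "-")
        }
        $1 == "udp" && $4 ~ /^0\.0\.0\.0:/ {
            print $1, port($4), (NF >= 6 ? $6 : "-")
        }
    '
}

# Run the audit over the constructed sample; on a live box pipe
# "netstat -nap" into wildcard_listeners instead.
audit_sample() {
    printf '%s\n' "$SAMPLE" | wildcard_listeners
}

audit_sample
```

On the sample this reports only the two UDP sockets on 123 and 1024, which are exactly the ones the post asks about; the sshd and named sockets bound to a single address are not flagged.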
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:27 PDT