Hi

> Is it possible to bind inetd to a specific ip
> address/ethernet card under
> linux? I haven't been able to find any info myself, but the reason I
> ask is because I currently am running a nameserver that has
> two network cards.

I would suggest you use xinetd instead of inetd. I'm sure there is an RPM available. With xinetd you have more configuration options than with inetd. Specifically, you can limit access to a certain service to a limited range of IP addresses. As far as I recall there is an interface option where you can define on which NIC the service is listening.

> I have (chroot'ed to its own partition) bind 8.2.2-P5 bound
> to the second
> ethernet card and I want nothing else on that card - I want it clean
> except for port 53, basically.
>
> I bound ssh to the first card and am running xntpd on there
> as well (does that have to actually bind to a port? Is there any way to
> stop that? If

Well, if you use your machine as an NTP server then yes, it has to bind to a port. Otherwise, if you just want to use your machine as an NTP client, then probably no. At least under Solaris this is not necessary (ntpdate).

> not is there any way to at least limit it to one card/ip? Would I be
> better off just running ntpdate once an hour?) and then I'm running
> Portsentry on the box to watch for any suspicious activity.

Personally I'd suggest running ntpdate once an hour. If you don't have a really bad internal clock this should be more than enough.

> ignorant but anyone have any idea what's listening on 1024, 1, 6, and
> 17? It's a Redhat 6.0 box, if that helps.

Look at http://www.isi.edu/in-notes/iana/assignments/port-numbers.

Best regards
Jan
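A way to check the goal discussed in this thread (nothing reachable on the second card except port 53), added here as an example that is not part of the original messages: it parses the kernel socket tables in the `/proc/net/tcp` and `/proc/net/udp` format and reports sockets reachable through a given card. The addresses and sample tables are constructed, the function names are illustrative, and the address decoding assumes a little-endian (x86) host.

```python
import socket
import struct

# State column values: TCP LISTEN, and the state shown for unconnected (bound) UDP sockets.
BOUND_STATE = {"tcp": "0A", "udp": "07"}

# Constructed samples: 198.51.100.53 is the DNS card, 192.0.2.10 the admin card.
SAMPLE_TCP = """
  sl  local_address rem_address   st
   0: 356433C6:0035 00000000:0000 0A
   1: 0A0200C0:0016 00000000:0000 0A
   2: 00000000:0400 00000000:0000 0A
   3: 0A0200C0:0016 0B0200C0:C001 01
"""
SAMPLE_UDP = """
  sl  local_address rem_address   st
   0: 356433C6:0035 00000000:0000 07
   1: 00000000:007B 00000000:0000 07
"""

def decode_addr(field):
    """'0100007F:0035' -> ('127.0.0.1', 53). The IPv4 word is little-endian hex."""
    hex_ip, hex_port = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)

def listeners(table_text, proto):
    """Return (proto, ip, port) for every listening/bound socket in the table."""
    found = []
    for line in table_text.strip().splitlines()[1:]:  # first line is the header
        cols = line.split()
        if len(cols) < 4 or cols[3] != BOUND_STATE[proto]:
            continue  # skip established connections and malformed rows
        found.append((proto,) + decode_addr(cols[1]))
    return found

def exposed_on(card_ip, socks, allowed_ports=frozenset({53})):
    """Sockets reachable via card_ip whose port is not allowed.
    A wildcard bind (0.0.0.0) answers on every card, so it counts too."""
    return sorted(s for s in socks
                  if s[1] in (card_ip, "0.0.0.0") and s[2] not in allowed_ports)

if __name__ == "__main__":
    socks = listeners(SAMPLE_TCP, "tcp") + listeners(SAMPLE_UDP, "udp")
    for proto, ip, port in exposed_on("198.51.100.53", socks):
        print(f"{proto} {ip}:{port} is reachable on the DNS card")
```

On a live host, pass the contents of `/proc/net/tcp` and `/proc/net/udp` instead of the samples; in the constructed data the wildcard binds on TCP 1024 and UDP 123 are the ones that would still answer on the DNS card.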
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:37 PDT