Home > Articles > Operating Systems, Server > Solaris

  • Print
  • + Share This
Like this article? We recommend

Like this article? We recommend

Insecure Service Disablement

Insecure services can be disabled by commenting them out of inetd.conf. The comment character is a hash (#). Consider making a backup copy of inetd.conf before editing. For information on inetd(1M) and inetd.conf(4), consult their respective man pages.

Remove any service not needed for your environment. In particular, remove ftp, telnet, shell, login, and exec. Consider removing echo, discard, daytime, chargen, comsat, and talk services as well. These are normally not needed.

To Disable Insecure Services

  1. Become the superuser.

  2. Edit /etc/inetd.conf and comment out insecure services.

  3. Use the kill(2) command to send the HANGUP signal to inetd(1M).

  4. # ps -ef | grep inetd | grep -v grep
      root  153   1 0  Dec 09 ?    0:02 /usr/sbin/inetd -s
    # kill -HUP 153
  5. Ensure that the services have been disabled.

  6. $ telnet localhost
    Trying 127.0.0.1...
    telnet: Unable to connect to remote host: Connection refused
    $ rsh localhost
    localhost: Connection refused
  • + Share This
  • 🔖 Save To Your Account