# #ident "@(#)inetd.conf 1.44 99/11/25 SMI" /* SVr4.0 1.5 */ # # # Configuration file for inetd(1M). See inetd.conf(4). # # To re-configure the running inetd process, edit this file, then # send the inetd process a SIGHUP. # # Syntax for socket-based Internet services: # # # Syntax for TLI-based Internet services: # # tli # # IPv6 and inetd.conf # By specifying a value of tcp6 or udp6 for a service, inetd will # pass the given daemon an AF_INET6 socket. The following daemons have # been modified to be able to accept AF_INET6 sockets # # ftp telnet shell login exec tftp finger printer # # and service connection requests coming from either IPv4 or IPv6-based # transports. Such modified services do not normally require separate # configuration lines for tcp or udp. For documentation on how to do this # for other services, see the Solaris System Administration Guide. # # You must verify that a service supports IPv6 before specifying as # tcp6 or udp6. Also, all inetd built-in commands (time, echo, discard, # daytime, chargen) require the specification of as tcp6 or udp6 # # The remote shell server (shell) and the remote execution server # (exec) must have an entry for both the "tcp" and "tcp6" values. # # Ftp and telnet are standard Internet services. # ftp stream tcp6 nowait root /usr/sbin/in.ftpd in.ftpd telnet stream tcp6 nowait root /usr/sbin/in.telnetd in.telnetd # # Tnamed serves the obsolete IEN-116 name server protocol. # name dgram udp wait root /usr/sbin/in.tnamed in.tnamed # # Shell, login, exec, comsat and talk are BSD protocols. # shell stream tcp nowait root /usr/sbin/in.rshd in.rshd shell stream tcp6 nowait root /usr/sbin/in.rshd in.rshd login stream tcp6 nowait root /usr/sbin/in.rlogind in.rlogind exec stream tcp nowait root /usr/sbin/in.rexecd in.rexecd exec stream tcp6 nowait root /usr/sbin/in.rexecd in.rexecd comsat dgram udp wait root /usr/sbin/in.comsat in.comsat talk dgram udp wait root /usr/sbin/in.talkd in.talkd # # Must run as root (to read /etc/shadow); "-n" turns off logging in utmp/wtmp. # #uucp stream tcp nowait root /usr/sbin/in.uucpd in.uucpd # # Tftp service is provided primarily for booting. Most sites run this # only on machines acting as "boot servers." # #tftp dgram udp6 wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot # # Finger, systat and netstat give out user information which may be # valuable to potential "system crackers." Many sites choose to disable # some or all of these services to improve security. # # You may want finger inside the network and block the port at the router for privacy from outside. #finger stream tcp6 nowait nobody /usr/sbin/in.fingerd in.fingerd #systat stream tcp nowait root /usr/bin/ps ps -ef #netstat stream tcp nowait root /usr/bin/netstat netstat -f inet # # Time service is used for clock synchronization. # time stream tcp6 nowait root internal time dgram udp6 wait root internal # # Echo, discard, daytime, and chargen are used primarily for testing. # # Major DOS can occur if you leave these available. #echo stream tcp6 nowait root internal #echo dgram udp6 wait root internal #discard stream tcp6 nowait root internal #discard dgram udp6 wait root internal #daytime stream tcp6 nowait root internal #daytime dgram udp6 wait root internal #chargen stream tcp6 nowait root internal #chargen dgram udp6 wait root internal # # # RPC services syntax: # / rpc/ \ # # # can be either "tli" or "stream" or "dgram". # For "stream" and "dgram" assume that the endpoint is a socket descriptor. # can be either a nettype or a netid or a "*". The value is # first treated as a nettype. If it is not a valid nettype then it is # treated as a netid. The "*" is a short-hand way of saying all the # transports supported by this system, ie. it equates to the "visible" # nettype. The syntax for is: # *||{[,]} # For example: # dummy/1 tli rpc/circuit_v,udp wait root /tmp/test_svc test_svc # # Solstice system and network administration class agent server 100232/10 tli rpc/udp wait root /usr/sbin/sadmind sadmind # # Rquotad supports UFS disk quotas for NFS clients # rquotad/1 tli rpc/datagram_v wait root /usr/lib/nfs/rquotad rquotad # # The rusers service gives out user information. Sites concerned # with security may choose to disable it. # #rusersd/2-3 tli rpc/datagram_v,circuit_v wait root /usr/lib/netsvc/rusers/rpc.rusersd rpc.rusersd # # The spray server is used primarily for testing. # #sprayd/1 tli rpc/datagram_v wait root /usr/lib/netsvc/spray/rpc.sprayd rpc.sprayd # # The rwall server allows others to post messages to users on this machine. # walld/1 tli rpc/datagram_v wait root /usr/lib/netsvc/rwall/rpc.rwalld rpc.rwalld # # Rstatd is used by programs such as perfmeter. # This is a popular exploit. #rstatd/2-4 tli rpc/datagram_v wait root /usr/lib/netsvc/rstat/rpc.rstatd rpc.rstatd # # The rexd server provides only minimal authentication and is often not run # #rexd/1 tli rpc/tcp wait root /usr/sbin/rpc.rexd rpc.rexd # # rpc.cmsd is a data base daemon which manages calendar data backed # by files in /var/spool/calendar # # # Sun ToolTalk Database Server # Not required if you don't use CDE tools #100083/1 tli rpc/tcp wait root /usr/dt/bin/rpc.ttdbserverd rpc.ttdbserverd # # UFS-aware service daemon # #ufsd/1 tli rpc/* wait root /usr/lib/fs/ufs/ufsd ufsd -p # # Sun KCMS Profile Server # 100221/1 tli rpc/tcp wait root /usr/openwin/bin/kcms_server kcms_server # # Sun Font Server # fs stream tcp wait nobody /usr/openwin/lib/fs.auto fs # # CacheFS Daemon # 100235/1 tli rpc/tcp wait root /usr/lib/fs/cachefs/cachefsd cachefsd # # Kerberos V5 Warning Message Daemon # 100134/1 tli rpc/ticotsord wait root /usr/lib/krb5/ktkt_warnd ktkt_warnd # # Print Protocol Adaptor - BSD listener # printer stream tcp6 nowait root /usr/lib/print/in.lpd in.lpd # # GSS Daemon # 100234/1 tli rpc/ticotsord wait root /usr/lib/gss/gssd gssd # # AMI Daemon # 100146/1 tli rpc/ticotsord wait root /usr/lib/security/amiserv amiserv 100147/1 tli rpc/ticotsord wait root /usr/lib/security/amiserv amiserv # # OCF (Smart card) Daemon # 100150/1 tli rpc/ticotsord wait root /usr/sbin/ocfserv ocfserv dtspc stream tcp nowait root /usr/dt/bin/dtspcd /usr/dt/bin/dtspcd 100068/2-5 dgram rpc/udp wait root /usr/dt/bin/rpc.cmsd rpc.cmsd # SunVTS Daemon 100153/1 dgram rpc/udp wait root /opt/SUNWvts/bin/sunvts /opt/SUNWvts/bin/sunvts -g # Samba Configuration swat stream tcp nowait.400 root /opt/sfw/sbin/swat swat netbios-ssn stream tcp nowait root /opt/sfw/sbin/smbd smbd netbios-ns dgram udp wait root /opt/sfw/sbin/nmbd nmbd #bootps dgram udp wait root /usr/sbin/bootpd bootpd