Re: [Bastille-linux-discuss] xinetd dead but pid file exists
This tool locks down Linux and UNIX systems.
Brought to you by:
jay
From: hihihi <hi...@wa...> - 2002-10-28 18:27:21
|
On Monday 28 October 2002 18:49, Jay Beale wrote: > Hey there! > > That's not good. I'm not sure where all those errors are coming from.=20 > Bastille doesn't seem to create any "DISABLING SERVICE" text... It is realy possible that i did something wrong.. Since i am a bit stupid and a slow learner :-) So it might have nothing to do with bastille at all.. > Can you send us the affected /etc/xinetd.d/* files? Here they are. If you need more, let me know :-) /etc/xinetd.d/rexec # default: off # description: Rexecd is the server for the rexec(3) routine. The server= \ # provides remote execution facilities with authentication based \ # on user names and passwords. service exec { socket_type =3D stream wait =3D no user =3D root log_on_success +=3D USERID log_on_failure +=3D USERID server =3D /usr/sbin/in.rexecd disable =3D yes } /etc/xinetd.d/rlogin # default: on # description: rlogind is the server for the rlogin(1) program. The serv= er \ # provides a remote login facility with authentication based on \ # privileged port numbers from trusted hosts. service login { socket_type =3D stream wait =3D no user =3D root log_on_success +=3D USERID log_on_failure +=3D USERID server =3D /usr/sbin/in.rlogind disable =3D yes } /etc/xinetd.d/rsh # default: on # description: The rshd server is the server for the rcmd(3) routine and,= \ # consequently, for the rsh(1) program. The server provides \ # remote execution facilities with authentication based on \ # privileged port numbers from trusted hosts. service shell { socket_type =3D stream wait =3D no user =3D root log_on_success +=3D USERID log_on_failure +=3D USERID server =3D /usr/sbin/in.rshd disable =3D yes } /etc/xinetd.d/tftpd # default: off # description: The tftp server serves files using the trivial file transf= er \ # protocol. The tftp protocol is often used to boot diskless \ # workstations, download configuration files to network-aware print= ers, \ # and to start the installation process for some operating systems. service tftp { socket_type =3D dgram protocol =3D udp wait =3D yes user =3D root server =3D /usr/sbin/in.tftpd server_args =3D -s /tftpboot disable =3D yes per_source =3D 11 cps =3D 100 2 } |