1# 2# Sample configuration file for xinetd 3# 4 5defaults 6{ 7 instances = 25 8 log_type = FILE /var/log/servicelog 9 log_on_success = HOST PID 10 log_on_failure = HOST 11 only_from = 128.138.193.0 128.138.204.0 128.138.209.0 128.138.243.0 12 only_from = localhost 192.231.139.0/24 13 disabled = tftp 14} 15 16 17# 18# Group 1: BSD services 19# 20# Shell, login, exec, comsat, talk, ntalk 21# 22 23service login 24{ 25 socket_type = stream 26 protocol = tcp 27 wait = no 28 user = root 29 server = /usr/etc/in.rlogind 30 log_type = SYSLOG local4 info 31} 32 33 34service shell 35{ 36 socket_type = stream 37 wait = no 38 user = root 39 instances = UNLIMITED 40 flags = IDONLY 41 log_on_success += USERID 42 server = /usr/etc/in.rshd 43} 44 45 46service exec 47{ 48 socket_type = stream 49 wait = no 50 user = root 51 server = /usr/etc/in.rexecd 52} 53 54service comsat 55{ 56 socket_type = dgram 57 wait = yes 58 user = nobody 59 group = tty 60 server = /usr/etc/in.comsat 61} 62 63service talk 64{ 65 socket_type = dgram 66 wait = yes 67 user = root 68 server = /usr/etc/in.talkd 69} 70 71service ntalk 72{ 73 socket_type = dgram 74 wait = yes 75 user = root 76 server = /usr/etc/in.ntalkd 77} 78 79# 80# Group 2: standard Internet services 81# 82# Telnet, ftp 83# 84service telnet 85{ 86 socket_type = stream 87 wait = no 88 user = root 89 server = /usr/etc/in.telnetd 90 bind = 127.0.0.1 91 log_on_failure += USERID 92} 93 94service telnet 95{ 96 socket_type = stream 97 wait = no 98 user = root 99# server = /usr/etc/in.telnetd 100 bind = 192.231.139.175 101 redirect = 128.138.202.20 23 102 log_on_failure += USERID 103} 104 105service ftp 106{ 107 socket_type = stream 108 wait = no 109 user = root 110 server = /usr/etc/in.ftpd 111 server_args = -l 112 instances = 4 113 log_on_success += DURATION USERID 114 log_on_failure += USERID 115 access_times = 2:00-8:59 12:00-23:59 116 nice = 10 117} 118 119# 120# Group 3: other services 121# 122 123# 124# Tnamed serves the obsolete IEN-116 name server protocol. 125# 126service name 127{ 128 socket_type = dgram 129 wait = yes 130 user = root 131 server = /usr/etc/in.tnamed 132} 133 134#service uucp 135#{ 136# socket_type = stream 137# wait = no 138# user = root 139# server = /usr/etc/in.uucpd 140#} 141 142service tftp 143{ 144 socket_type = dgram 145 wait = yes 146 user = root 147 server = /usr/etc/in.tftpd 148 server_args = -s /tftpboot 149} 150 151 152# 153# Group 4: information services 154# 155service finger 156{ 157 socket_type = stream 158 wait = no 159 user = nobody 160 server = /usr/etc/in.fingerd 161} 162 163service systat 164{ 165 socket_type = stream 166 wait = no 167 user = nobody 168 server = /usr/bin/ps 169 server_args = -auwwx 170 only_from = 128.138.209.0 171 log_on_success = HOST 172} 173 174service netstat 175{ 176 socket_type = stream 177 wait = no 178 user = nobody 179 server = /usr/ucb/netstat 180 server_args = -f inet 181 only_from = 128.138.209.0 182 log_on_success = HOST 183} 184 185 186# 187# Group 5: internal services 188# 189# echo, time, daytime, chargen, servers, services 190# 191service echo 192{ 193 type = INTERNAL 194 id = echo-stream 195 socket_type = stream 196 protocol = tcp 197 user = root 198 wait = no 199} 200 201service echo 202{ 203 type = INTERNAL 204 id = echo-dgram 205 socket_type = dgram 206 protocol = udp 207 user = root 208 wait = yes 209} 210 211service chargen 212{ 213 type = INTERNAL 214 id = chargen-stream 215 socket_type = stream 216 protocol = tcp 217 user = root 218 wait = no 219} 220 221service chargen 222{ 223 type = INTERNAL 224 id = chargen-dgram 225 socket_type = dgram 226 protocol = udp 227 user = root 228 wait = yes 229} 230 231service daytime 232{ 233 type = INTERNAL 234 id = daytime-stream 235 socket_type = stream 236 protocol = tcp 237 user = root 238 wait = no 239} 240 241service daytime 242{ 243 type = INTERNAL 244 id = daytime-dgram 245 socket_type = dgram 246 protocol = udp 247 user = root 248 wait = yes 249} 250 251service time 252{ 253 type = INTERNAL 254 id = time-stream 255 socket_type = stream 256 protocol = tcp 257 user = root 258 wait = no 259} 260 261 262service time 263{ 264 type = INTERNAL 265 id = time-dgram 266 socket_type = dgram 267 protocol = udp 268 user = root 269 wait = yes 270} 271 272 273# 274# Group 6: RPC services 275# 276service rstatd 277{ 278 type = RPC 279 flags = INTERCEPT 280 rpc_version = 2-4 281 socket_type = dgram 282 protocol = udp 283 server = /usr/etc/rpc.rstatd 284 wait = yes 285 user = root 286} 287 288service rquotad 289{ 290 type = RPC 291 rpc_version = 1 292 socket_type = dgram 293 protocol = udp 294 wait = yes 295 user = root 296 server = /usr/etc/rpc.rstatd 297} 298 299service rusersd 300{ 301 type = RPC 302 rpc_version = 1-2 303 socket_type = dgram 304 protocol = udp 305 wait = yes 306 user = root 307 server = /usr/etc/rpc.rusersd 308} 309 310service sprayd 311{ 312 type = RPC 313 rpc_version = 1 314 socket_type = dgram 315 protocol = udp 316 wait = yes 317 user = root 318 server = /usr/etc/rpc.sprayd 319} 320 321service walld 322{ 323 type = RPC 324 rpc_version = 1 325 socket_type = dgram 326 protocol = udp 327 wait = yes 328 user = nobody 329 group = tty 330 server = /usr/etc/rpc.rwalld 331} 332 333 334# 335# Group 7: Security Sensors 336# 337service irc 338{ 339 socket_type = stream 340 wait = no 341 user = root 342 flags = SENSOR 343 type = INTERNAL 344 bind = 192.168.1.30 345 deny_time = 60 346} 347 348