Square one
A good deal of Unix network security revolves around services available on individual systems. One of the most basic and influential services on Unix systems is one that provides entry to many others. inetd, often referred to as the super server, is a service which users access indirectly. Started at system boot time, inetd listens on service-specific ports on behalf of other services and starts a particular service when a request arrives, using the information in its configuration file, /etc/inetd.conf. One of the first things a sysadmin taking responsibility for a new server will do is look at /etc/inetd.conf to determine which services the server is providing on request.
inetd is a Unix daemon. This means that it runs in the background, around the clock. When a user tries to connect to any of the services listed in inetd's configuration file, inetd issues the specified command to start that service. The user, who may be entering a Telnet session or retrieving email through a POP or IMAP service, is unaware that inetd has intercepted the request.
Most Unix servers will run two kinds of services -- those that run through inetd (on demand) and those that start up when a system boots and run as daemons. To determine how a particular service is set up on a system, you can look for an entry in the /etc/inetd.conf file and, failing that, look for a start script in the /etc/init.d or /etc/rc?.d (/etc/rc.d/init.d and /etc/rc.d/rc?.d on Linux) directories. Processes not started through one of these mechanisms can be assumed to have been started explicitly, started indirectly (i.e., by another service), or started through cron or at commands.
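The lookup order just described can be scripted. The following is an added example, not part of the original article: the function names `inetd_entries` and `service_origin` are hypothetical, the sample files are constructed, and it assumes the usual seven-field inetd.conf layout (service, socket type, protocol, wait flag, user, server program, arguments) and start scripts named after the service, optionally with an S## or K## prefix.

```shell
#!/bin/sh
# Added example: report how a service is started, in the lookup order above.

# Print active (uncommented) inetd.conf entries as: service protocol user program
inetd_entries() {
    awk '/^[ \t]*#/ || NF == 0 { next }     # skip comments and blank lines
         NF >= 6 { print $1, $3, $5, $6 }' "$1"
}

# service_origin NAME INETD_CONF INIT_DIR...
# Prints "inetd", "init:<script>" or "other" (explicit, indirect, cron or at).
service_origin() {
    name=$1 conf=$2
    shift 2
    if [ -r "$conf" ] && inetd_entries "$conf" |
        awk -v n="$name" '$1 == n { f = 1 } END { exit !f }'; then
        echo inetd
        return 0
    fi
    for dir in "$@"; do
        for script in "$dir"/*; do
            # Assumption: start scripts are named NAME or S##NAME / K##NAME.
            case ${script##*/} in
                "$name" | [SK][0-9][0-9]"$name")
                    if [ -f "$script" ]; then
                        echo "init:$script"
                        return 0
                    fi ;;
            esac
        done
    done
    echo other
}

# Constructed sample data, not taken from a real host.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
mkdir "$demo/init.d"
cat > "$demo/inetd.conf" <<'EOF'
telnet  stream  tcp  nowait  root  /usr/sbin/in.telnetd  in.telnetd
pop3    stream  tcp  nowait  root  /usr/sbin/ipop3d      ipop3d
#ftp    stream  tcp  nowait  root  /usr/sbin/in.ftpd     in.ftpd
EOF
: > "$demo/init.d/sendmail"
for s in telnet ftp sendmail ntpd; do
    printf '%-9s %s\n' "$s" "$(service_origin "$s" "$demo/inetd.conf" "$demo/init.d")"
done
```

On a real host the same function would be called with /etc/inetd.conf and the init directories named above; the commented-out ftp line shows that a disabled entry is correctly not counted as an inetd service.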
Generally, services are run through inetd if it's more efficient to run them on demand than it is to keep a daemon running continuously. Even a busy email server will run more efficiently if the mail service is started up only when it's needed. Most mail clients will check periodically (maybe every 5 or 10 minutes) to see whether new mail has arrived. The sequence of operations to check for and download new email is quick, and easily wins out over continuous connections.
If the inetd process aborts, which is rare, none of the services that rely on it to start will be available. On the other hand, existing connections will probably continue running. This is because inetd is only required for service initiation, and is not involved once a service starts. To keep people from starting new connections to a server that you need to reboot, you might shut down inetd, but you'll have to wait for users with existing connections to finish their work (or, alternately, you can kick them off). On one firewall/router that I managed, I took to turning on the Telnet port only long enough to start a session from my desk. Then I'd quickly put