Controlling Access to Your Services with xinetd
Creatures of the Linux Underworld
Whenever you learn about controlling access to a Linux box, one "creature" you usually encounter is the "superdaemon." A superdaemon is a daemon that controls other daemons--and daemons are typically network service control programs that run long-term behind the scenes, waiting for when they need to step into action.
In the Linux realm, "the superdaemon" has typically referred inetd, which handles requests for a number of daemons that either aren't used often enough to justify running in the background all of the time, or have such a simple job that a standalone daemon simply isn't needed. The problem with inetd is that this superdaemon makes little attempt to be secure. It allows you to disable various services if you don't want to use them, but there is no fine control available.
Enter xinetd (http://www.xinetd.org). This program is a "secure" replacement for inetd, meaning in this case that it offers many features that allow you to control who accesses which services, and from where. I always keep the Titanic in mind when I talk about security or safety, meaning that nothing is fully secure, but any level of native access control in the superdaemon certainly helps us to protect our systems.
Some distributions (such as Mandrake and Red Hat) currently come with xinetd installed and enabled by default. Yours might include xinetd but not by default, or you can download the tool from the project site.
Solid state disks (SSDs) made a splash in consumer technology, and now the technology has its eyes on the enterprise storage market. Download this eBook to see what SSDs can do for your infrastructure and review the pros and cons of this potentially game-changing storage technology.
- 1Linux Top 3: GNOME 3.12 and New Betas for Ubuntu 14.04 and OpenMandriva Lx 2014.0
- 2Linux Top 3: Linus Lashes out, Linux 3.14 Gets PIE and Ubuntu One is Done.
- 3Linux Top 3: Ubuntu 14.04, Debian Gives Squeeze More Life and Red Hat Goes Atomic
- 4Linux Top 3: Linux 3.11, Kubuntu Goes Commercial
- 5Linux Top 3: RHEL 6.5, Debian 7.2 and EOL for Linux 3.0.x