Here are the steps you needed to follow to successfully complete this simulation:
- The inetd daemon is a vital component of your UNIX system. It controls server processes, such as FTP, telnet, and finger.
In this particular exercise, you will edit the inetd.conf file so that it forbids telnet access. You are logged on locally as root. Switch to the /etc directory, where all UNIX systems store the inetd.conf file.
Solution: cd /etc
- You are now in the /etc directory. Open the inetd.conf file using vi.
Solution: vi inetd.conf
- View the contents of inetd.conf. Look down to the first two areas that are not commented out by a # mark. These entries are the FTP and telnet entries. They govern how these systems operate. Normally, you would have to press Esc, then ZZ to edit vi and save changes.
However, for the purposes of this simulation, press Enter to exit the vi editor.
Solution: Enter
- You have now exited the vi editor. Issue the following command to determine what processes are open on your system:
ps aux | grep in.telnetd
Solution: ps aux | grep in.telnetd
For nginx you would type in
ps aux | grep nginx
- Notice that you have three processes named in.telnetd. This means that three remote users are accessing this system. Issue
ps aux | grep in.telnetd
again.
Solution: ps aux | grep in.telnetd
- Note that the in.telnetd processes are no longer running. This means that the users have ended their sessions. In the next few steps, you are going to edit the inetd.conf file to block telnet access.
First, however, you should back up this file before you edit it. This ensures that you can solve any problems if you edit the file incorrectly. Issue the following command:
cp inetd.conf inetd.conf.orig
Solution: cp inetd.conf inetd.conf.orig
- You have backed up inetd.conf and are now ready to edit it. The original inetd.conf file is now open for you in vi. Click on the appropriate line and use the appropriate character in the appropriate place to deny all telnet access.
Solution: #
- You have already saved your entry. Now, to finish the job of denying telnet access, you need to kill the existing inetd process. This is because inetd is using the old inetd.conf file, and has not re-read it. First, determine what the process ID (PID) is by issuing the following command:
ps aux | grep inetd
Solution: ps aux | grep inetd
- What is the PID of the inetd process you want to kill?
Solution: 229
- Use
kill
to kill this PID, then force inetd to scan inetd again.
Solution: kill -HUP 229
- You have now killed and restarted inetd. It is now using the inetd.conf file you have edited. Your UNIX box will no longer receive any requests coming through telnet.