AIX

AIX

Connect with fellow AIX users and experts to gain knowledge, share insights, and solve problems.


#Power
 View Only

  • 1.  disabling netstat

    Posted Thu January 12, 2006 02:09 AM

    Originally posted by: SystemAdmin


    Why is it that even though [i]netstat[/i] is commented out in [i]inetd.conf[/i], I can still run the command [i]netstat -a[/i]?
    #AIX-Forum


  • 2.  Re: disabling netstat

    Posted Fri January 13, 2006 10:54 AM

    Originally posted by: SystemAdmin


    /etc/inetd.conf only controls which network based services are available via the /usr/sbin/inetd daemon.

    If enabled, the netstat entry in inetd.conf allows a REMOTE user to run the netstat command on your system by connecting to TCP port 15. (as defined by the /etc/services file).

    You can (and should) disable remote netstat execution via the inetd.conf file, but the contents of that file have no bearing on whether or not you can run "netstat" locally. If you want to restrict the command itself, you could work with the permissions of the file, perhaps making it root executable only. But allowing netstat for local users shouldn't be a security risk for most environments.

    If you have edited the inetd.conf and can still run netstat remotely, it may be that you didn't restart inetd after you made the change.
    #AIX-Forum


  • 3.  Re: disabling netstat

    Posted Fri January 13, 2006 08:46 PM

    Originally posted by: SystemAdmin


    Got it. Thank you very much!
    #AIX-Forum


Related Content