After you've modified your inetd or xinetd configuration to disable or
restrict services, or to shut down a server with its init script, you
should test your changes. You can test tcp ports using the telnet client
by specifying the service name or number. For example, to verify that
rlogin has been disabled:
# grep ^login /etc/services
login 513/tcp
# telnet localhost 513
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
In addition to the standard telnet client, you should look into the
possibility of using utilities for testing the "openness" of your system.
We recommend netcat and nmap.
ncat is the network Swiss Army knife: it is a simple UNIX
utility that reads and writes data across network connections, using TCP
or UDP protocol. nmapis a utility for network exploration or
security auditing. Specifically, nmap scans ports to determine what's
open.
You'll find links to these utilities in the last section of this tutorial, Resources.