Skip to main content
IBM  
Shop Support Downloads
IBM Home Products Consulting Industries News About IBM
IBM developerWorks : Linux : Education - Tutorials
LPI certification 102 exam prep, Part 3
ZIPPDF (letter)PDF (A4)e-mail
Main menuSection menuFeedbackPreviousNext
4. Security overview
  


Testing your changes page 12 of 21


After you've modified your inetd or xinetd configuration to disable or restrict services, or to shut down a server with its init script, you should test your changes. You can test tcp ports using the telnet client by specifying the service name or number. For example, to verify that rlogin has been disabled:


# grep ^login /etc/services
login           513/tcp
# telnet localhost 513
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused

In addition to the standard telnet client, you should look into the possibility of using utilities for testing the "openness" of your system. We recommend netcat and nmap.

ncat is the network Swiss Army knife: it is a simple UNIX utility that reads and writes data across network connections, using TCP or UDP protocol. nmapis a utility for network exploration or security auditing. Specifically, nmap scans ports to determine what's open.

You'll find links to these utilities in the last section of this tutorial, Resources.


Main menuSection menuFeedbackPreviousNext
Privacy Legal Contact