Internet Express for Tru64 UNIX Version 6.8 Administration Guide (14233)

ManualsBrandsHP ManualsSoftwareTru64 UNIX 5.1B

171

172

173

174

175

176

177

178

179

180

Table 9-1 Network Services Wrapped by Internet Express (continued)

Default Access SettingNetwork Service

Allows you to run the POP2 (Post Office Protocol Version 2) e-mail server

pop2

Allows you to change passwords

poppassd

Allows you to run the POP3 (Post Office Protocol Version 3) e-mail server

popper

Allows you to execute commands on a remote system

rexecd

Allows you to log in to a remote system

rlogind

Allows you to broadcast a message to all users logged in to a remote system

rpc.rwalld

Allows you to gather statistics on a remote host's operating system

rpc.rstatd

Returns quotas for a user of a local file system that is mounted by a remote

system over Network File System (NFS)

rpc.rquotad

Displays a list of users on a remote system

rpc.rusersd

Records the packets sent in a one-way stream to a remote system, including

the number of packets received on the remote system and the transfer rate

rpc.sprayd

Runs a shell on a remote system

rshd

Allows mail to be delivered between the local and remote systems

sendmail

Allows you to communicate with a remote system by means of a virtual

terminal

telnetd

Supports the Trivial File Transfer Protocol (tftp), which transfers files to and

from a remote system

tftpd

9.1.2 Controlling Access to Other Network Services

You can use TCP Wrapper to control access to network services other than those wrapped by

Internet Express, and include these additional services in the list displayed on the Display/Update

Configuration form, as follows:

1. Make sure an entry for the service exists in the /etc/inetd.conf file. The entry must not

include the TCP Wrapper (/usr/sbin/tcpd).

2. Add an entry for the service in the /usr/internet/security/config.tcp file to

provide a name and description to use on the Display/Update Configuration form. The

following example shows the entry for the fingerd service:

The user information server for networks :fingerd

3. Edit the /usr/internet/security/hosts.allow file to specify the access setting for

the service. The following example is the entry in the

/usr/internet/security/hosts.allow file for the fingerd service:

fingerd:ALL:ALLOW

4. Run the /usr/internet/security/install.sh script to add TCP Wrapper to the

service's entry in the /etc/inetd.conf file, and to copy the modified

/usr/internet/security/hosts.allow file to /etc/hosts.allow.

You can use the /usr/internet/security/deinstall.sh script to remove the TCP wrapper

from all services in the inetd.conf file.

9.1.3 Modifying Access to a Wrapped Network Service

To modify the access setting for a network service, follow these steps:

1. From the Internet Express Main menu, choose Manage Components.

2. From the Manage Components Menu, under Network Security, choose TCP Wrapper.

172 Network Security Administration