Re: [cobalt-security] netstat-ing and finger service

[Theodore Jones <theoj@xxxxxxxxxxxxx>]

Nicholas,

Well explained and thanks much.  I use grep a little bit, but mainly just to
comb through my /var/logs right now.  I have heard that it is quite a powerful
tool however.   I'll have to ask Mumsy for a gift certificate for all the
O'rielly manuals this christmas, ha!,

One more question related to this now:  Would this be the >only< way to start
up a bindshell or other backdoor deamon  each time a kill - HUP is done or
after reboot occurs?

~ T



> > > On any fresh Linux install "grep -v ^# /etc/inetd.conf" is
> > > always a good idea BTW.
> >
> > What does this accomplish?  I'm not advanced enough to pick
> > this apart.  Does it disable finger?
>
> Sorry, I was rushing and not being very informative:
>
> grep                    = search
> -v                      = show all lines *excluding* the following string
> ^                       = beginning of a line
> #                       = just the hash symbol, no special meaning
> /etc/inetd.conf = the file /etc/inetd.conf
>
> so in all the command "grep -v ^# /etc/inetd.conf" means
>
> search for all lines that don't have a hash symbol at the beginning of the
> line in the file /etc/inetd.conf
>
> In other words, in /etc/inetd.conf that means all the services that haven't
> been commented out.
>
> netstat and grep are worth taking some time to learn about, if only so you
> know what they're capable of so when you do need them you know to hit the
> man pages.
>
> --
> Nick Drage - Security Architecture Team - Demon Internet - Thus PLC
>
> Vi has detected that it is not your default text editor. If you
> would like Vi to be your default text editor, please press "Y".
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security