A Server Run Under Inetd

Tom Kelliher, CS 318

Apr. 14, 2000

Administrivia

Announcements

We'll begin working with the PCs Monday.

Assignment

For Monday: From the material not discussed thus far, Chapters 23 and onwards, e-mail me one topic you'd like to discuss in class.

From Last Time

Hacker's IP list.

Outline

1. Well-known services.

2. inetd.

3. notelnet: a server run from inetd.

Coming Up

PC work.

Well-Known Services

1. For clients to contact servers, servers must listen on specific ports.

   Or, there must be a broker.

2. Who decides what port?

3. Is there a list? Yes, /etc/services database. Note:
   1. Service name, port protocol.

   2. Some services support multiple protocols.

   3. System calls to do the mappings: getservbyport(), getservbyname().

   4. A system need not provide all services.

Inetd

1. Internet ``Super Server.''

2. Configured to listen on a set of ports, as a server. When connection received, fork appropriate server and hand-off connection.

3. Configuration file: /etc/inetd.conf.

   Specifies ports to listen on by service name. Also specifies:

   • Type of connection (stream or datagram).

   • Protocol.

   • Iterative (wait) or concurrent (nowait).

   • What user to run server as.

   • How to run server. What's tcpd? What's internal?

4. The big picture of interaction with a service server:

   

   Notes:

   1. inetd uses inetd.conf to determine listen ports, begins listening.

   2. On connection, fork a child to handle connection. Parent returns to listening.

   3. Child closes all descriptors, save for connection socket.

   4. Problem: How does the server know the socket name?

      Solution: child dups the socket to STDIN, STDOUT, and STDERR.

      The Unix model of process I/O: the three descriptors. How they're usually set up: keyboard and console. Pipes and how the shell sets them up:
      ps gauxw | grep kelliher | less.

   5. Child execs the server.

A Server Run Under Inetd

notelnet:

1. Purpose: monitor telnet port and well-known ssh port. Neither should be in use.

   Logs connection attempts by e-mailing client IP and FQDN to me. In case of telnet connection, send client a diagnostic message. Otherwise, quietly exit, closing the socket.

2. Changing UID. Why not run as root? Principle of least privilege.

3. That's strange: calling socket functions on STDIN. Or is it?

   Observe: we do all I/O through the standard descriptors, which are sockets now.

4. Getting client IP and FQDN.

5. Getting server port. Why?

6. Opening a pipe to send e-mail, via mail client.

   Hint: Pipe from to run a CGI program.

server.pl, client.pl

Questions?