A Server Run Under Inetd

Tom Kelliher, CS 318

Apr. 14, 2000



We'll begin working with the PCs Monday.


For Monday: From the material not discussed thus far, Chapters 23 and onwards, e-mail me one topic you'd like to discuss in class.

From Last Time

Hacker's IP list.


  1. Well-known services.

  2. inetd.

  3. notelnet: a server run from inetd.

Coming Up

PC work.

Well-Known Services

  1. For clients to contact servers, servers must listen on specific ports.

    Or, there must be a broker.

  2. Who decides what port?

  3. Is there a list? Yes, /etc/services database. Note:
    1. Service name, port protocol.

    2. Some services support multiple protocols.

    3. System calls to do the mappings: getservbyport(), getservbyname().

    4. A system need not provide all services.


  1. Internet ``Super Server.''

  2. Configured to listen on a set of ports, as a server. When connection received, fork appropriate server and hand-off connection.

  3. Configuration file: /etc/inetd.conf.

    Specifies ports to listen on by service name. Also specifies:

  4. The big picture of interaction with a service server:


    1. inetd uses inetd.conf to determine listen ports, begins listening.

    2. On connection, fork a child to handle connection. Parent returns to listening.

    3. Child closes all descriptors, save for connection socket.

    4. Problem: How does the server know the socket name?

      Solution: child dups the socket to STDIN, STDOUT, and STDERR.

      The Unix model of process I/O: the three descriptors. How they're usually set up: keyboard and console. Pipes and how the shell sets them up:
      ps gauxw | grep kelliher | less.

    5. Child execs the server.

A Server Run Under Inetd


  1. Purpose: monitor telnet port and well-known ssh port. Neither should be in use.

    Logs connection attempts by e-mailing client IP and FQDN to me. In case of telnet connection, send client a diagnostic message. Otherwise, quietly exit, closing the socket.

  2. Changing UID. Why not run as root? Principle of least privilege.

  3. That's strange: calling socket functions on STDIN. Or is it?

    Observe: we do all I/O through the standard descriptors, which are sockets now.

  4. Getting client IP and FQDN.

  5. Getting server port. Why?

  6. Opening a pipe to send e-mail, via mail client.

    Hint: Pipe from to run a CGI program.

server.pl, client.pl


Thomas P. Kelliher
Fri Apr 14 12:50:07 EDT 2000
Tom Kelliher