inetd.sec man page on HP-UX
Printed from http://www.polarhome.com/service/man/?qf=inetd.sec&af=0&tf=2&of=HP-UX

inetd.sec(4)							  inetd.sec(4)

NAME
       inetd.sec - optional security file for inetd

DESCRIPTION
       When  accepts  a connection from a remote system, it checks the address
       of the host requesting the service against the  list  of	 hosts	to  be
       allowed or denied access to the specific service (see inetd(1M)).

       The  file  allows  the  system administrator to control which hosts (or
       networks in general) are allowed to use the system remotely.  This file
       constitutes an extra layer of security in addition to the normal checks
       done by the services.  It precedes the security of  the	servers;  that
       is,  a  server  is  not	started by the Internet daemon unless the host
       requesting the service is a valid host according to

       If file does not exist, security is limited to that implemented by  the
       servers.	  and  the  directory should be writable only by their owners.
       Changes to apply to any subsequent connections.

       Lines in beginning with the pound sign are comments.  Comments are  not
       allowed at the end of a line of data.

       The lines in the file contain a service name, permission field, and the
       Internet addresses or official names of the hosts and networks  allowed
       to  use that service in the local host.	The fields in each line are as
       follows:

       service name { hostaddrs | hostnames | netaddrs | netnames }

       Note: service name is the name (not alias) of a valid service  in  file
       The  service  name for RPC-based services (NFS) is the name (not alias)
       of a valid service in file A service name in corresponds	 to  a	unique
       RPC program number.

       determines  whether  the	 list  of  remote  hosts  in the next field is
       allowed or denied access to the specified service.  Multiple lines  for
       each  service  are  not unsupported.  If there are multiple lines for a
       particular service, all but the last line are ignored.

       Addresses (hostaddrs and netaddrs) and names (hostnames	and  netnames)
       are  separated  by  white  space.   Any	mix  of addresses and names is
       allowed.	 To continue a line, terminate it with backslash,

       Host names and network names are the official names  of	the  hosts  or
       networks as returned by or respectively.	 Wildcard characters and range
       characters are allowed.	The and the can	 be  present  in  any  of  the
       fields of the address.  An address field is a string of characters sep‐
       arated by a dot

       Hostname resolution failure in may cause to  delay  the	processing  of
       connection  requests.   To  avoid  such	delays, configure host/network
       addresses instead of host/network names in the file.

EXAMPLES
       Use a wildcard character to permit a whole network to communicate  with
       the  local  host	 without having to list all the hosts in that network.
       For example, to allow all hosts with network addresses starting with  a
       as well as the single host with address to use rlogin:

       On  a  system  running  NFS,  deny  host access to sprayd, an RPC-based
       server:

       A range is a field containing a character.  To deny hosts in network 10
       (arpa) with subnets 3 through 5 access to

       The  following  entry  denies  access  to host any hosts on the network
       named and the host with internet address

       If a remote service is not listed in the security file,	or  if	it  is
       listed but it is not followed by or all remote hosts can attempt to use
       it.  Security is then provided by the service  itself.	The  following
       lines, if present in allow or deny access to the service indicated:

	      Allow all hosts to use

	      Deny all access to the service; i.e.,

	      Allow access to the service by any host:

	      or
   IPv6 Functionality
       For  an	IPv6  service,	an  IPv6  address can be specified in the host
       address field of The host address field	can  contain  IPv6  addresses,
       IPv4  addresses,	 or both.  This specification includes the IPv4 mapped
       IPv6 addresses also.

       Host names for IPv6 services  are  the  official	 names	of  the	 hosts
       returned by

       The wildcard characters and range characters are not supported for IPv6
       addresses. The equivalent for the wildcard character is provided in the
       form  of	 followed by a forward-slash and See the IPv6 Examples section
       for more details.

   IPv6 Examples
       To allow an IPv6 host with address and an IPv4  host  with  address  in
       order to use the service, an entry in the file should be as follows:

       The following entry denies access to all hosts with a prefix

AUTHOR
       was developed by HP.

       NFS was developed by Sun Microsystems, Inc.

FILES
SEE ALSO
       inetd(1M),  gethostent(3N),  getaddrinfo(3N),  getnetent(3N), hosts(4),
       inetd.conf(4), networks(4), protocols(4), rpc(4), services(4).

								  inetd.sec(4)
[top]

List of man pages available for HP-UX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net