Shell-Script

刪除 tftp 服務

  • September 12, 2019

我有 2 個提取要解釋,第一個是 XINETD.CONF,第二個是 /etc/xinetd.d。我應該確保 tftp 被停用,因為它存在安全風險,因為它根本不提供身份驗證。從 /etc/xinetd.d ,我可以清楚地看到

-rw-r--r--.   1 root root    23 Feb 24  2017 tftp

tftp 的存在,但我不太確定是否配置在

$$ FILE $$:XINETD.CONF禁用或刪除tftp的訪問。我如何解釋$$ FILE $$:XINETD.CONF呢?

====================================================
[FILE]: XINETD.CONF
-rw-------. 1 root root 1022 Feb 24  2017 /etc/xinetd.conf
====================================================

#
# This is the master xinetd configuration file. Settings in the
# default section will be inherited by all service configurations
# unless explicitly overridden in the service configuration. See
# xinetd.conf in the man pages for a more detailed explanation of
# these attributes.

defaults
{
# The next two items are intended to be a quick access place to
# temporarily enable or disable services.
#
# enabled  =
# disabled =

# Define general logging characteristics.
log_type = SYSLOG daemon info 
log_on_failure = HOST
log_on_success = PID HOST DURATION EXIT

# Define access restriction defaults
#
# no_access =
# only_from =
# max_load = 0
cps  = 50 10
instances = 50
per_source = 10

# Address and networking defaults
#
# bind  =
# mdns  = yes
v6only  = no

# setup environmental attributes
#
# passenv  =
groups  = yes
umask  = 002

# Generally, banners are not used. This sets up their global defaults
#
# banner  =
# banner_fail =
# banner_success =
}

includedir /etc/xinetd.d

====================================================

/etc/xinetd.d

/etc/xinetd.d:
total 68
drwxr-xr-x.   2 root root  4096 Feb 24  2017 .
drwxr-xr-x. 102 root root 12288 Sep  9 02:31 ..
-rw-------.   1 root root  1198 Feb 24  2017 chargen-dgram
-rw-------.   1 root root  1159 Dec 16  2015 chargen-stream
-rw-------.   1 root root  1199 Feb 24  2017 daytime-dgram
-rw-------.   1 root root  1159 Dec 16  2015 daytime-stream
-rw-------.   1 root root  1198 Feb 24  2017 discard-dgram
-rw-------.   1 root root  1200 Feb 24  2017 discard-stream
-rw-------.   1 root root  1189 Feb 24  2017 echo-dgram
-rw-------.   1 root root  1150 Dec 16  2015 echo-stream
-rw-r--r--.   1 root root   332 Mar 28  2014 rsync
-rw-------.   1 root root  1253 Feb 24  2017 tcpmux-server
-rw-r--r--.   1 root root    23 Feb 24  2017 tftp
-rw-------.   1 root root  1149 Dec 16  2015 time-dgram
-rw-------.   1 root root  1150 Dec 16  2015 time-stream

這應該有助於禁用該服務: https ://www.oreilly.com/library/view/linux-security-cookbook/0596003919/ch03s03.html

差不多.. 打開那個 tftp 文件,然後添加 disable = yes 選項

service tftp
{
       ...
       disable = yes
}

引用自:https://unix.stackexchange.com/questions/541449

相關問答

Bash

使用 shell 腳本,通過遞增幾條記錄從文件中複製一條記錄 1000 次或 n 次

  • November 28, 2022
檢視問答
Bash

僅在使用變數時從 JQ 命令獲取空值

  • November 25, 2022
檢視問答
Bash

如何從每一行輸出不同的數據?

  • November 15, 2022
檢視問答
Shell-Script

在 sed 替換中引用 ${variable} 值

  • November 14, 2022
檢視問答
Bash

為什麼 2>/dev/null 不起作用?

  • November 14, 2022
檢視問答
Linux

循環瀏覽具有特定副檔名的文件(並非所有副檔名都可能存在)

  • November 10, 2022
檢視問答