home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
OS/2 Shareware BBS: 35 Internet
/
35-Internet.zip
/
sinetd11.zip
/
sinetd.doc
next >
Wrap
Text File
|
1996-07-03
|
3KB
|
81 lines
Sinetd documentation - 3 July 1996
Sinetd is an internet "super server" daemon with enhanced domain
security. Much like inetd, sinetd launches tcp servers on an
as-needed basis. Unlike inetd, there is a check of the client
address to determine if the client is allowed access to the service.
Additionally, there is an audit trail of what clients tried to access
which servers.
Sinetd uses lines in the sinetd.lst file to determine which services
are provided and what clients are allowed to use each service.
sinetd.lst resides in the ETC directory. Each line in the file
describes a single tcp service. Blank lines and any characters
following an octothorp ('#') are ignored.
The first word in each entry is the name of the service. The second
word is the program which is launched to provide the service. The
remaining words on the line are access specifiers.
The name of the service may be suffixed with a '/' and interface
specification. If there is no interface specified then the service
will be monitored for all interfaces. If there is an interface
specification, the service will be monitored for the interface
indicated. This is particulary usefull for multi-homed computers
acting as a weak firewall. The interface specification may be in
dotted decimal notation or may be a host name.
The program name must contain the trailing '.exe'. If the program
needs command line parameters in addition to the the provided socket
number, the program name and parameters must be enclosed in quotes.
If there are no access specifiers, access is allowed for any client.
If there are any access specifiers, access is allowed for any client
which matches at least one of the specifiers.
Access specifiers can either be domain names or dot notation. Domain
names are matched from right to left, so if a client is attempting to
connect from somewhere.company.com and one of the service access
specifiers is company.com, access will be granted. If this same
client attempts to connect to a service with the single access
specifier elsewhere.company.com, access will be denied.
Dot notation specifiers are matched left to right. If a client
attempts a connect from interface 192.0.29.42 to a service with the
single access specifier 192.0.30, access will be denied. If the same
client attempts a connect to a service with the specifier 192, access
will be granted.
When access is granted, the service program is launched in a new
session with the name specified followed by the decimal number of the
tcp socket which has been connected to the client. The service
program should close the socket once the tcp conversation is
completed.
Sinetd is not shareware. It is Copyrighted material and the author
requests the following machine license fees:
#computers Fee
1 $20
2 $40
8 $60
16 $80
32 $100
64 $120
128 $140
256 $160
All fees should be sent to:
Charles Honton
c/o Secant Technologies
23811 Chagrin Blvd.
Beachwood, OH 44120
Comments and suggestions are appreciated.
Direct all inquiries to chas@secant.com