Internet Services.  Basically, an Internet Service can be defined as any service that can be accessed through TCP/IP based networks, whether an internal.

Slides:



Advertisements
Similar presentations
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Advertisements

Securing Network using Linux. Lesson Outline Setting up a secure system TCP Wrapper configuration Firewalls in Linux Authentication Systems –NIS –Kerberos.
Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.
The Internet Useful Definitions and Concepts About the Internet.
Telnet/SSH Tim Jansen, Mike Stanislawski. TELNET is short for Terminal Network Enables the establishment of a connection to a remote system, so that the.
Apache : Installation, Configuration, Basic Security Presented by, Sandeep K Thopucherela, ECE Department.
TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.
CS 497C – Introduction to UNIX Lecture 35: - TCP/IP Networking Tools Chin-Chih Chang
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.
1 Network File System. 2 Network Services A Linux system starts some services at boot time and allow other services to be started up when necessary. These.
Remote access and file transfer Getting files on and off Bio-Linux.
Ssh: secure shell. overview Purpose Protocol specifics Configuration Security considerations Other uses.
Linux System Administration LINUX SYSTEM ADMINISTRATION.
1.  The Linux system of permissions is much more difficult than that of Windows  System administrators are given more control with the use of three.
Telnet/SSH: Connecting to Hosts Internet Technology1.
2440: 141 Web Site Administration Remote Web Server Access Tools Instructor: Enoch E. Damson.
1 Linux Networking and Security Chapter 3. 2 Configuring Client Services Configure DNS name resolution Configure dial-up network access using PPP Understand.
1 Web Server Administration Chapter 9 Extending the Web Environment.
CHAPTER 2 PCs on the Internet Suraya Alias. The TCP/IP Suite of Protocols Internet applications – client/server applications The client requested data.
Overview: Identify the Internet protocols and standards Identify common vulnerabilities and countermeasures Identify specific IIS/WWW/FTP concerns Identify.
Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.
Chapter 10 Networking and the Internet ITSC 1458.
1 COP 4343 Unix System Administration Unit 15: file server – ftp – nfs.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols.
Network Services CSCI N321 – System and Network Administration Copyright © 2000, 2007 by Scott Orr and the Trustees of Indiana University.
The Saigon CTT Chapter 16 Remote Connectivity. The Saigon CTT  Objectives  Explain : telnet rsh ssh  Configure FTP.
Secure Shell for Computer Science Nick Czebiniak Sung-Ho Maeung.
1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.
Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.
Inetd...Server of Servers Looks at a number of ports Determines when a service is needed on any of those ports Calls the appropriate server Restarts new.
Postfix Mail Server Postfix is used frequently and handle thousands of messages. compatible with sendmail at command level. high performance program easier-
Single Sign-on with Kerberos 1 Chris Eberle Ryan Thomas RC Johnson Kim-Lan Tran CS-591 Fall 2008.
Hour 7 The Application Layer 1. What Is the Application Layer? The Application layer is the top layer in TCP/IP's protocol suite Some of the components.
Linux Services Muhammad Amer. 2 xinetd Programs  In computer networking, xinetd, the eXtended InterNET Daemon, is an open-source super-server daemon.
CSCE 815 Network Security Lecture 26 SSH and SSH Implementation April 24, 2003.
Internet Business Foundations © 2004 ProsoftTraining All rights reserved.
Application Layer Khondaker Abdullah-Al-Mamun Lecturer, CSE Instructor, CNAP AUST.
Application Services COM211 Communications and Networks CDA College Theodoros Christophides
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 13 FTP and Telnet.
CHAPTER 9 Sniffing.
1 Linux Networking and Security Chapter 5. 2 Configuring File Sharing Services Configure an FTP server for anonymous or regular users Set up NFS file.
1 Linux Security. 2 Linux is not secure No computer system can ever be "completely secure". –make it increasingly difficult for someone to compromise.
Networking in Linux. ♦ Introduction A computer network is defined as a number of systems that are connected to each other and exchange information across.
FTP File Transfer Protocol Graeme Strachan. Agenda  An Overview  A Demonstration  An Activity.
Phil Hurvitz Securing UNIX Servers with the Secure.
Security and Firewalls Ref: Keeping Your Site Comfortably Secure: An Introduction to Firewalls John P. Wack and Lisa J. Carnahan NIST Special Publication.
Protocols COM211 Communications and Networks CDA College Olga Pelekanou
Linux Services Configuration
Daemons Ying Zhang CMSC691X, Summer02. Outline  Introduction  Init and Cron  System daemons  Print daemons and NFS daemons  Time synchronization.
Unix network Services. Configuring a network interface In Unix there are essentially two commands that are used to enable TCP/IP. ifconfig route.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Application Layer Functionality and Protocols.
Application of the Internet 1998/12/09 KEIO University, JAPAN Mikiyo
Unit – 5 FTP Server. FTP Introduction One of the oldest and most commonly used protocols The original specification for the File Transfer Protocol was.
 Router Configurations part1 2 nd semester
SECURE SHELL MONIKA GUPTA COT OUTLINE What is SSH ? What is SSH ? History History Functions of Secure Shell ? Functions of Secure Shell ? Elements.
SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.
Chapter 7: Using Network Clients The Complete Guide To Linux System Administration.
Secure Communications ● Cleartext vs. encryption and encapsulation ● Protocols not to use ● SSH – scp/ftp – SSH tunnelling ● VPN.
Secure services Unit-IV CHAP-1
Chapter 9 Router Configuration (Ospf, Rip) Webmin, usermin Team viewer
LINUX ADMINISTRATION
SECURE SHELL MONIKA GUPTA COT 4810.
LINUX ADMINISTRATION 1
SUBMITTED BY: NAIMISHYA ATRI(7TH SEM) IT BRANCH
Network Services CSCI N321 – System and Network Administration
Telnet/SSH Connecting to Hosts Internet Technology.
Lab 7 - Topics Establishing SSH Connection Install SSH Configure SSH
Network Services.
COP 4343 Unix System Administration
Chapter 7 Network Applications
Presentation transcript:

Internet Services

WHAT IS AN INTERNET SERVICE?

- Basically, an Internet service can be defined as any service that can be accessed through TCP/IP-based networks, whether an internal network (intranet) or an external network (Internet).
- TCP and IP are two of the protocols included in a group of protocols sometimes known as the Internet protocols. Common services are Telnet, FTP, SMTP, HTTP, ICMP, ARP, DNS, ssh, scp, sftp, and others.

Secure Services

- There are common services, such as telnet and ftp.
- These services send all of their traffic in plain text, including passwords.
- Plain-text traffic is extremely easy to eavesdrop on by anyone between the traffic's source and destination. Since the Internet has exploded in popularity, running insecure services such as these is not a good idea. That's why secure replacements have been developed.
- These replacements provide stronger authentication controls and encrypt all their traffic to keep your data safe. You should always run secure services instead of insecure services.

ssh

- Secure Shell, also known as ssh, is a secure telnet replacement that encrypts all traffic, including passwords, using a public/private encryption key exchange protocol.
- It provides the same functionality as telnet (insecure), plus other useful functions, such as traffic tunneling.

    [root#]ssh

- SSH asks if you want to accept and trust the host key being sent to you. This is asked only once, when you log in to the machine for the very first time.
- After this first login, whenever you connect with ssh, the system asks for the password and a regular terminal is returned.
- SSH tunnels almost any protocol through it.
- This example creates a tunnel for HTTP. This will forward port 80 of your localhost to port 80 if

    [root#]ssh -f -N -q -L 80:localhost:80

scp

- Secure Copy, also known as scp, is part of the ssh package.
- scp helps to copy files securely from any machine to any other Linux machine, provided the ssh daemon is running.
- The syntax of scp:

    scp

- For example:

    [root#] scp
    password :
    password :

sftp

- Secure File Transfer Program, also known as sftp, is an FTP client that performs all its functions over ssh.
- The syntax for sftp:

    sftp file

- For example:

    [root#] sftp newfile
    Connecting to bscit..
    password :

Less secure services

- These are insecure services that should not be used, since they trust that the network is absolutely secure. Their secure equivalents should be used instead.

telnet

- telnet is a protocol and application that enables someone to have access to a virtual terminal on a remote host. It resembles text-based console access on a Unix machine.
- Telnet is an application that's available almost everywhere.
- Because of this distribution, most beginning Unix users use Telnet exclusively to communicate with other Unix and NT machines.
- SSH works almost the same as telnet, but with encrypted traffic and passwords.

    [root#]telnet example.com

ftp

- ftp is a file transfer protocol that runs over ports 20 and 21.
- Once you have successfully logged on to an ftp server, you can type help for a list of available commands.
- Two important commands to remember are put, to move a file from your machine to the remote machine, and get, to pull a file from the remote server to your machine.
- To send multiple files you can use mput, and to retrieve multiple files you can use mget.
- For example:

    ftp:> get file1
    ftp:> put file2
    ftp:> mget file1 file2 file3
    ftp:> mput file1 file2 file3

rsync

- rsync is an unencrypted file transfer program. It includes a feature that finds the differences between two sets of files on two machines, so that the differences can be transferred across the network.
- It listens on port 873.

rlogin

- rlogin is a remote login program that connects your terminal to a remote machine's terminal.
- rlogin is an insecure protocol, because it sends all information, including passwords, in plain text.
- It also enables a mutual trust relationship to exist between machines.
- Syntax:

    [root#]rlogin remotehostname

- Example:

    [root#] rlogin redhat

rsh

- rsh is an unencrypted mechanism to execute commands on remote hosts.
- rsh's syntax is:

    [root#]rsh remotehostname remotecommand

- Example:

    [root#] rsh redhathost shutdown

finger

- finger enables users on remote systems to look up information about users on another system.
- finger displays information such as the user's login name, real name, terminal name, idle time, login time, home directory, shell, etc.
- finger should be disabled outside the local network, as user information could be accessed easily.
- The finger daemon listens on port 79.
- Syntax:

    [root#] finger
    [root#] finger

Talk and ntalk

- Talk and ntalk are real-time chat protocols. The talk server runs on port 517 and the ntalk server runs on port 518.
- To send someone else a talk request, type talk or ntalk
- If their server is running a talk or ntalk daemon and they are logged in, they will see a message inviting them to chat with you.
- Syntax:

    [root#]talk
    [root#]ntalk

- Example:

    [root#]talk
    [root#]ntalk

Linux as Server

- The following protocols are used:

1. http

- The most common Web server used on Linux is Apache. Apache is easily configurable, and its configuration files live in /etc/httpd/conf/.
- While Apache can be set to listen on many different network ports, the most common port it listens on is port 80.
- To start httpd, use the command:

    [root#] service httpd start

- To enable it at boot:

    [root#] chkconfig httpd on

2. sshd

- Its global system configuration files are in /etc/ssh, and users' ssh configuration files are in $HOME/.ssh/.
- The ssh server listens on port 22.
- If the port is blocked by a firewall and not available, ssh can be made to run on another port.
- To start sshd, use the command:

    [root#] service sshd start

- To enable it at boot:

    [root#] chkconfig sshd on

3. ftpd

- The FTP daemon uses ports 20 and 21 to listen for and initiate FTP requests.
- Its configuration files, ftpaccess, ftpconversions, ftpgroups, ftphosts, and ftpusers, are located in the /etc directory.

4. dns

- The Domain Name Service (DNS) maps IP addresses to hostnames.
- It runs on port 53.
- Its configuration file is named.conf in the /etc directory.
- To start dns, use the command:

    [root#] service named start

- To enable it at boot:

    [root#] chkconfig named on

Inetd Server

- inetd is called an Internet superserver. It is launched at boot time, and listens for connections on network sockets.
- When inetd starts up, it checks the inetd.conf file to see what services should be running. It then reads the /etc/services file to see what ports those services should be running on.

Xinetd Server

- xinetd is an extended version of inetd that adds more security and features.
- It has new features for system administrators.
- It starts at boot time and listens for connections coming in on the different ports in its configuration file.
- Once xinetd receives a connection request, it spawns a new server and keeps listening for a new connection on a different port.
- In xinetd, anyone can start a network service, whereas in inetd only root can start a network service.
- xinetd has built-in firewall capability, as it provides access control on all services based on various criteria, such as remote host address, access time, remote hostname, etc.
- xinetd kills servers that are not in the configuration file and those that violate the configuration's access criteria.
- xinetd also has log storage.
- The configuration file for xinetd is /etc/xinetd.conf

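/etc/xinetd.conf

    # Defaults inherited by every service xinetd starts
    defaults
    {
        # Upper limit on simultaneously running servers per service
        instances      = 60
        # SYSLOG takes a facility name (authpriv here)
        log_type       = SYSLOG authpriv
        # Log the remote host and the server PID when a server starts
        log_on_success = HOST PID
        # PID is not a log_on_failure value; log the remote host
        log_on_failure = HOST
    }
    # Per-service files are read from this directory
    includedir /etc/xinetd.d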

- Start the service:

    [root#] service xinetd start

- After any changes in the file:

    [root#] service xinetd restart

Xinetd started services

- ntalk: chat server, runs on port 518
- rsync: remote ftp
- telnet: telnet server
- finger: user information lookup program
- kshell: restricts user access to shell
- rlogin: remote login, trusted
- rsh: remote shell to connect to remote host
- talk: chat server, runs on port 517
- klogin: rlogin server over Kerberos
- chargen: generates random characters on TCP
- time: gives you the time
- chargen-udp: generates random characters on UDP
- time-udp: gives the time on UDP
- comsat: sends notification of new mail
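An added example, not part of the original slides: a shell function that scans an xinetd drop-in directory and reports which of the insecure services named above are still enabled. The sample directory is constructed for the demonstration, and the server paths in it are placeholders.

```shell
#!/bin/sh
# Service names as xinetd sees them: rsh and rlogin are registered in
# /etc/services as "shell" and "login".
INSECURE="telnet shell login rsync finger talk ntalk"

# audit_xinetd DIR: print the name of every insecure service that is enabled.
# A service counts as enabled unless its block says "disable = yes".
audit_xinetd() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        awk -v bad="$INSECURE" '
            BEGIN { n = split(bad, b, " "); for (i = 1; i <= n; i++) insecure[b[i]] = 1 }
            { sub(/#.*/, ""); gsub(/[=]/, " = ") }   # drop comments, isolate "="
            $1 == "service" { name = $2; off = 0; next }
            $1 == "disable" { off = (tolower($3) == "yes"); next }
            $1 == "}" { if ((name in insecure) && !off) print name; name = "" }
        ' "$f"
    done
}

# Constructed sample directory standing in for /etc/xinetd.d.
make_sample() {
    d=$(mktemp -d)
    printf 'service telnet\n{\n\tdisable = no\n\tserver = /usr/sbin/in.telnetd\n}\n' > "$d/telnet"
    printf 'service shell\n{\n\tdisable = yes\n\tserver = /usr/sbin/in.rshd\n}\n' > "$d/rsh"
    printf 'service finger\n{\n\tserver = /usr/sbin/in.fingerd\n}\n' > "$d/finger"
    printf 'service time\n{\n\tdisable = no\n\ttype = INTERNAL\n}\n' > "$d/time"
    echo "$d"
}

# Demo run: telnet is explicitly enabled, finger has no "disable" line at all.
sample=$(make_sample)
audit_xinetd "$sample"
rm -rf "$sample"
```

On a real host the function would be pointed at /etc/xinetd.d; any service it prints should be set to "disable = yes" and xinetd restarted.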

Stand-Alone Services

- sendmail: mail server
- apache: web server
- sshd: ssh server
- qmail: mail server
- postfix: mail server
- named: DNS server
- xfs: X font server
- portmap: maps RPC services to ports
- rpc.quotad: serves quota information
- rpc.mountd: NFS mount server
- squid: web proxy server
- oracle: database server

Linux Firewall

- Linux provides a few different mechanisms for system security. One of these mechanisms is Linux's firewall packages.
- iptables is Fedora's and Red Hat's built-in firewall administration tool.
- iptables also enables a personal firewall on a Linux machine.
- Commands to manage iptables are:

    [root#] service iptables start
    [root#] service iptables stop

- On boot:

    [root#] chkconfig iptables on
    [root#] chkconfig iptables off