Sonoma User Manual
CHAPTER FIVE
SECURITY
restrict default noquery nomodify nopeer
restrict 127.0.0.1 nomodify
restrict 0::1 nomodify
restrict 192.168.1.10 nomodify
Disable Protocols
See below for instructions on how to completely disable the following protocols: Telnet, Time,
Daytime, SSH, SNMP, and HTTPS. See Chapter 4 - PTP/IEEE-1588 Option for how to disable PTP.
The Network Time Protocol (NTP) cannot be disabled.
Disable Telnet, Time and Daytime
To disable Telnet, Time and Daytime, use the inetdconfig command to start an interactive script
that will ask you which protocols to disable. It will then modify the /etc/inetd.conf file, which is read
by the super-server daemon, inetd. Requests from remote hosts for protocols not configured in
/etc/inetd.conf will be refused. Currently, three servers are configurable via inetdconfig: Time and
Daytime (whose protocol servers are contained within the inetd daemon itself), and in.telnetd.
Any one or all of these may be enabled or disabled for start-up.
Disable SNMP, SSH and HTTPS
To disable SNMP, SSH or HTTPS, you only have to modify the file mode of the scripts that control
their execution. These are located in the /etc/rc.d directory. To disable any of these daemons, issue
one or more of these commands:
chmod -x /etc/rc.d/rc.snmpd
chmod -x /etc/rc.d/rc.sshd
chmod -x /etc/rc.d/rc.httpd
After issuing these commands, you must copy the modified file(s) to the non-volatile FLASH area
using one or more of these commands:
cp -p /etc/rc.d/rc.snmpd /boot/etc/rc.d
cp -p /etc/rc.d/rc.sshd /boot/etc/rc.d
cp -p /etc/rc.d/rc.httpd /boot/etc/rc.d
Re-boot the Sonoma when done for the changes to take effect.
IMPORTANT
After modifying /etc/rc.d/rc.snmpd, rc.sshd or rc.httpd, you must copy them to the /boot/etc/rc.d
directory and reboot the system. It is very important to use the -p option when performing the copy,
because it preserves the file mode you just changed. During the boot process, the files contained in
the /boot/etc/rc.d directory are copied to the working /etc/rc.d directory on the system RAM disk.
In this way the factory defaults are overwritten.
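
A check for the procedure above, as an added example that is not part of the Sonoma manual: it reads the file mode of each rc script in both /etc/rc.d and /boot/etc/rc.d and reports whether the change will survive a reboot. The function names and the root-prefix argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the Sonoma manual): audit whether SNMP, SSH and
# HTTPS are disabled in the RAM-disk copy and in the FLASH copy of rc.d.
# The ROOT argument is an assumed prefix so the check can run on a test tree.

# has_exec_bit FILE: true if any execute bit is set in the file mode.
# Reads the mode string from ls rather than using "test -x", so the answer
# does not depend on who runs the check or on mount options.
has_exec_bit() {
    case "$(ls -ld "$1" | cut -c1-10)" in
        *x*) return 0 ;;
        *)   return 1 ;;
    esac
}

# service_state ROOT NAME: print one of
#   disabled       execute bit cleared in both copies
#   not-persisted  cleared in /etc/rc.d only; overwritten from FLASH at boot
#   flash-only     cleared in /boot/etc/rc.d only; RAM-disk copy still set
#   enabled        execute bit set in both copies
#   missing        one of the two scripts does not exist
service_state() {
    live="$1/etc/rc.d/rc.$2"
    flash="$1/boot/etc/rc.d/rc.$2"
    if [ ! -f "$live" ] || [ ! -f "$flash" ]; then echo missing; return; fi
    if has_exec_bit "$live"; then l=on; else l=off; fi
    if has_exec_bit "$flash"; then f=on; else f=off; fi
    case "$l/$f" in
        off/off) echo disabled ;;
        off/on)  echo not-persisted ;;
        on/off)  echo flash-only ;;
        on/on)   echo enabled ;;
    esac
}

# audit ROOT: report all three daemons; non-zero unless all are disabled.
audit() {
    rc=0
    for name in snmpd sshd httpd; do
        state=$(service_state "$1" "$name")
        echo "rc.$name: $state"
        [ "$state" = disabled ] || rc=1
    done
    return $rc
}

# On the unit itself, audit the real filesystem with an empty prefix:
# audit ""
```

A result of not-persisted is what a copy made without -p, or a skipped copy, looks like: the daemon is off until the next boot and then returns.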