Enabling desired diagnostic protocols

provided by xinetd as "internal services"

There are several quite simple old protocols that are useful for diagnostic purposes but deprecated for practical ones. These include discard, echo, and chargen. In most Unixes they are no longer installed by default. If you want them, in Fedora they come with xinetd. While traditionally they were implemented as separate binary executables like most services, they are so minor that these days they are provided as internal services of xinetd. That is, the code for the xinetd program, whose job is to manage other servers, takes on the jobs of these services on the side. If you want one of them, you turn it on like any other xinetd service by editing the xinetd configuration file for it in /etc/xinetd.d.


The assignment for you to perform

If you are working with provided VirtualBox virtual machines, do this exercise in the CLIENT virtual machine that you get when you set up the "sniffing" exercise. (I assume you have done that.) When you are done, repeat it on the SERVER machine so that both machines will be left with these services running.

The well-known ports these services use are

 7  echo
 9  discard
19 chargen

Find out which ones are running currently:

netstat  -pantu

Look for output lines indicating xinetd listening on their ports. For example, something like this from netstat:

tcp 0 0  :::9   :::* LISTEN 2450/xinetd
udp 0 0  :::7   :::*        2450/xinetd

would indicate discard running as a TCP service on port 9, where it is in TCP's LISTEN state, and echo running as a UDP service on port 7. Note that each of these services can run as a TCP service, as a UDP service, or as both, independently. For those services of interest that are not running, you will configure xinetd so that they will. The services of interest, and the xinetd configuration files wherein you turn them on, are:

Service   Protocol   xinetd configuration file
echo      UDP        /etc/xinetd.d/echo-dgram
echo      TCP        /etc/xinetd.d/echo-stream
discard   UDP        /etc/xinetd.d/discard-dgram
discard   TCP        /etc/xinetd.d/discard-stream
chargen   UDP        /etc/xinetd.d/chargen-dgram
chargen   TCP        /etc/xinetd.d/chargen-stream

For any of these cases where netstat indicated the service already running, you need to do nothing. For all the others, turn them on by editing into their xinetd config files a line that reads:

disable  =  no

You will find an existing line reading "disable  =  yes"; change it. To change it, use an editor if you wish. Alternatively, use the stream editor, sed, on the file. If the file is echo-dgram, for example, this command will make the change:

sed  -i   '/disable/s/yes/no/'   /etc/xinetd.d/echo-dgram

( s/yes/no/ means do a search-and-replace swapping yes for no; /disable/ says apply that to any lines that contain the word disable;  -i means "in-place" signifying to apply the change within the file to make it stick ) Make this change in all 6 configuration files.

Then to give it effect, restart xinetd:

systemctl restart  xinetd

Check with netstat to see that they are all running now. Also, exercise each of them to confirm for sure. You could do so with either sock or nc (the rest of the syntax, as shown below, is the same for either). Run this:

nc  127.0.0.1  7

Type a line followed by the enter key. What you typed should be echoed back to you. Run this:

nc  127.0.0.1  9

Type a line followed by the enter key. What you typed should not be echoed back to you now, nor anything else. It got discarded. Run this:

nc  127.0.0.1  19

Don't bother to type anything, just press ctrl-C to stanch the flow of generated characters.

These 3 diagnostic service applications are now available for use, each running one instance over udp plus another over tcp.
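
The enable-and-verify steps above collected into one script. This is an added example, not part of the original assignment; the function names enable_diag_services and missing_services and the sample netstat lines are constructed for illustration. It compares port numbers exactly rather than by substring, so unrelated listeners do not count:

```sh
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# Apply the page's sed edit to all six config files in directory $1
# (default /etc/xinetd.d). Run as root, then restart xinetd.
enable_diag_services() {
    dir=${1:-/etc/xinetd.d}
    for svc in echo discard chargen; do
        for kind in dgram stream; do
            sed -i '/disable/s/yes/no/' "$dir/$svc-$kind" || return 1
        done
    done
}

# Read `netstat -pantu` output on stdin and print one "service/proto" line
# for each of the six listeners that xinetd does NOT hold yet.
# Ports are matched exactly, so :9000 or :70 never count as :9 or :7.
missing_services() {
    awk '
    BEGIN { name[7] = "echo"; name[9] = "discard"; name[19] = "chargen" }
    $NF ~ /\/xinetd$/ {                    # last column is PID/program
        proto = $1; sub(/6$/, "", proto)   # tcp6/udp6 -> tcp/udp
        if (proto == "tcp" && $6 != "LISTEN") next
        n = split($4, part, ":")           # local address, port is last piece
        if (part[n] in name) seen[name[part[n]] "/" proto] = 1
    }
    END {
        split("7 9 19", ports, " "); split("tcp udp", protos, " ")
        for (i = 1; i <= 3; i++)
            for (j = 1; j <= 2; j++) {
                key = name[ports[i]] "/" protos[j]
                if (!(key in seen)) print key
            }
    }'
}

# Constructed sample in the page's netstat format: only discard/tcp,
# echo/udp and chargen/tcp are up; port 9000 belongs to another program.
SAMPLE_NETSTAT='tcp 0 0  :::9   :::* LISTEN 2450/xinetd
udp 0 0  :::7   :::*        2450/xinetd
tcp 0 0  :::19  :::* LISTEN 2450/xinetd
tcp 0 0  0.0.0.0:9000 0.0.0.0:* LISTEN 900/otherd'

# Live use:  netstat -pantu | missing_services   (no output = all six up)
```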

What to turn in:

Prove it. Produce and submit a screenshot that demonstrates these 6 services are active. Your screenshot should look like this:

Explanation of the above command - netstat produces a list of the open ports. Its "t" option asks for all the tcp ones, and the "u" option asks additionally for all the udp ones. There are more such ports than the six that interest us. So the lengthier report that netstat produces is handed off through a pipe ( the vertical bar operator ) to a command, namely grep, that will filter out just the 6 lines we want. grep's "-E" option puts it in "extended" mode that enables the compound argument that follows. The vertical bar within that argument is a logical or operator. grep is asked to search for and print lines that contain ":7" or ":9" or ":19".

Name your screenshot file diagnostics-enabled.jpg (or .png)