Hack Like a Pro: Linux Basics for the Aspiring Hacker, Part 25 (Inetd, the Super Daemon)

Linux Basics for the Aspiring Hacker, Part 25 (Inetd, the Super Daemon)

Welcome back, my rookie hackers!

In my ongoing attempts to familiarize aspiring hackers with Linux (nearly all hacking is done with Linux, and here's why every hacker should know and use it), I want to address a rather obscure, but powerful process. There is one super process that is called inetd or xinetd or rlinetd. I know, I know... that's confusing, but bear with me.

Before I discuss the inetd process, I want to explain that in Linux and Unix, processes that run in the background are called daemons. In some places, you we will even see them referred to as "demons," but that is incorrect. A daemon is a spirit that influences one's character or personality. They are not representatives of good or evil, but rather encourage independent thought and will. This is in contrast to a "demon," which we know is something quite different.

Image via Unknown

Now, back to inetd. In the beginning—well, at least in the beginning of Unix—all daemons started at boot time and ran continuously. As you might imagine, this meant that processes that were not being used were using resources and depleting performance. This obviously was an inefficient way of doing business.

As systems gained more and more services, it became readily apparent that something different needed to be done. As a result, a programmer at Berkeley decided that it might be best to create a daemon that would control all other daemons, a sort of super daemon. Thus, began inetd, or the Internet daemon.

Inetd always runs in the background and it then decides when to start and stop other daemons. So, if a call comes in on port 21 for FTP services, inetd starts the FTP daemon. When a call comes in on port 80 for HTTP services, inetd starts HTTP services, and so on. In this way, inetd conserves resources and improves overall system performance.

Eventually, this super daemon was exploited by hackers (imagine that) in a number of ways. If you think about it, if I can exploit the super daemon that controls all of the other daemons, I can control the entire system. At the very least, if I can control the super daemon, I can probably DoS the system. This is exactly what did happen and, as a result, we got a new and improved super daemon called xinetd.

Xinetd was developed to address some of the security vulnerabilities in inetd and was rather rapidly adopted by the commercial Linux distributions, Red Hat and SUSE. Debian and Ubuntu, which are the underlying Linux distributions of Kali and BackTrack, respectively, stayed with the older inetd, initially. But now Debian has transitioned to a newer version of inetd, labelled rlinetd.

Find Rlinetd

We can find rlinetd in our Kali system by typing the following.

kali > locate rlinetd

We can see at the top of the list, the configuration file for rlinetd and the daemon file itself.

Rlinetd Manual

As I mentioned in earlier articles, whenever we want to know something about a particular command in Linux, we can, of course, Google it. Alternatively, we can also use the man, or manual, file. We simply type "man" before the command and the system will pull up the manual file for that command. Let's check out the manual for rlinetd.

kali > man rlinetd

Take a Look at rlinetd.conf

Finally, let's take a look at the configuration file for rlinetd. Let's open it with Leafpad or any text editor.

kali > leadpad rlinetd

We can make our Linux system more secure by setting some default values in the rlinetd.conf file. For instance, if the system were only used for FTP services, it not only would be inefficient to run any other service, but also less secure. For example, if an attacker were trying to exploit HTTP and HTTP was disabled in the rlinetd.conf, they would not have much luck.

We could also change the rlinetd.conf to only start FTP services as needed and nothing else. If you only want this system accessible to a list of IP addresses or just your internal network, you could configure that access in the rlinetd.conf.

As a beginner with Linux, I recommend not making any changes to the rlinetd as you are more likely to sabotage and disable your system than making it more secure or efficient, but now you understand what inetd is. With more system admin experience, you can manage this super daemon to make your system safer and more efficient.

Don't Confuse Inetd with Init.d

Linux novices often confuse init.d and inetd. Init.d is an initialization daemon that runs when the system starts up. It determines the runlevel and the daemons that activate at start up. When a computer is turned on, the kernel starts the systems init.d, which always has a Process ID (PID) of 1.

The init process starts a series of scripts that get the system ready for use. These are things such as checking the filesystem and then mounting it and starting any system daemons that are required. These scripts are often referred as rc files because they all begin with the rc.(run command). I'll explain more on init.d in a subsequent tutorial, but I wanted to make certain that this distinction was clear.

Keep coming back, my rookie hackers, as we explore further the inner workings of Linux and prepare you to be professional hackers!

Just updated your iPhone to iOS 18? You'll find a ton of hot new features for some of your most-used Apple apps. Dive in and see for yourself:

34 Comments

Great post, much appreciated.

Could you please post an article on installing Kali Linux as dual boot along with windows 7 on UEFI enabled laptops? Bootloader doesnt seem to load when I try. My friends have the same problem and we are using Kali on vmware, which is not comfortable at all :(

Heil Satan... err... Inetd, the Lord of Daemons!

Nice article, I didn't know about nor ever heard of this essential daemon :)

Wich Linux do you recommend for a beginner?

But do I have the same possibilities with Kali as with Ubuntu as an example?

Kali is a hacking distribution of Debian Linux. If you want to learn to hack, use Kali. If not, use Ubuntu.

How do I use Flash Player in Kali Linux when I start it with an USB-Drive? I already have it on my HD with Windows 7.

NESAIJN:

Kali Linux for live USB's should be able to have saved and changed partitions, I assume that you should download Flash Player like normal, then you save the Kali partition of your USB. OTW please correct me if I'm wrong I don't wanna cause an error. Any ways that should be your solution.

S_R

But then I have to set a second partition for my USB right?

Try this:

sudo apt-get install flashplugin-nonfree
sudo update-flashplugin-nonfree --install

Please note that Flash can be exploited PRETTY EASILY

Or if sometime we hack to learn and sometimes no, what about Ubuntu with hacking tools inside :D I use this formula :D hehe.

OTW:

What parameters could you set up in the leafpad (or other text document) doc that are safer and do they have to be in a specific code ( for custom parameters).

S_R

It depends upon the system. As I said in the article, if you only want it available your network or a list of IP addresses, you can list them in the inetd. It will then only respond to connections from those addresses. If it is only used as an FTP server, you can limit it only to FTP connections.

In general, I don't recommend messing with inetd unless you have significant experience with Linux.

I'm a newbie here, sorry for the stupid question, after I install Kali,
do I need internet to hack?

JOP

Should I begin with Kali? Because I can't download backtrack in it's website. But in your part 1 you said to install Backtrack for beginners. Should I start with dual boot or VMWare?

Begin with Kali. Backtrack was discontinued since I wrote those tutorials.

As a beginner, I would recommend using a VM.

If you use a VM, it's a lot less likely you'll screw up your system! :P

Thanks for the response :) Everyone here in null-byte is awesome :D
If I use dual-boot, will I screw up my system?
Sorry for asking LOL

JOP

Nope, but be careful when doing the partitioning.

Thanks!

You could if you accidentally format your hard drive... but you shouldn't. You would have a higher risk though, because you are working with your physical hard drive, not virtual. This gets even scarier when you share the same hard drive.

Thank you for the response my friend!

JOP

Thanks!

I have seen this daemon on the list of running daemons but never knew what it was. I'll have to look into it, since it can be exploited ;)

Executed the locate command in terminal for "rlinetd" and nothing came out,same goes for "xinetd" (txt.conf does not exist since the locate command does not show any content). When i retyped the same exact thing but with "inetd" it worked. So,not to bother you anymore my question here is,since you are reffering to those three as super daemons with every next one an upgrade of his former structure,why is my Kali Linux 2.0 running the original "inetd" instead "rlinetd" as it should since it is Debian. Thank you for your time.

Yeah, I find that weird too. I just ran the command locate rlinetd and it didn't return anything. But when I typed locate xinetd and locate inetd I got some results. I am running Kali 2.0 as well.

My guess is that Kali 2.0 decided not to included?

Yes i was about to say the same thing. Rlinetd doesnt work on Kali linux 2.0 ? Or has it a different variable for it ?

@occupyt

It seems for Kali 2018.1 the super daemon is xinetd (Extended Internet Daemon), and not rlinetd as the article states. This information may need to be updated.

Share Your Thoughts

  • Hot
  • Latest