UNIX System Administration Handbook - Evi Nemeth [495]
telnetd: yet another remote login server
telnetd is very similar to rlogind, except that it uses the TELNET protocol. This protocol allows the two sides (client and server) to negotiate flow control and duplex settings, making it a better choice than rlogind for links that are slow or unreliable. Like rlogin, telnet transmits plaintext passwords across the network. Its use is therefore discouraged in modern networks. Many non-UNIX systems support telnet.
sshd: secure remote login server
sshd provides services that are similar to rlogind, but its sessions are transported (and authenticated) across an encrypted pipeline. A variety of encryption algorithms are available. Because of the harsh environment of the Internet today, you must allow shell access from the Internet only through a daemon such as this—not rlogind or telnetd. You can find more information about sshd starting on page 672.
rshd: remote command execution server
rshd handles remote command execution requests from rsh7 and rcmd. The authentication process enforced by rshd is similar to that of rlogind, except that if automatic authentication does not work, rshd denies the request without allowing the user to supply a password. rshd is also the server for rcp (remote cp).
rexecd: yet another command execution server
rexecd is similar to rshd, except that it does not perform automatic authentication; all requests must be accompanied by a username and a password. This server was used by some early networking programs, but it is no longer in widespread use.
rpc.rexd: yet a third command execution server
rexd is the RPC remote execution daemon. It is not used much and is riddled with security holes. You should make sure that rexd is commented out of your inetd configuration file. rexd is used by the on command, which will stop working when you disable rexd.
routed: maintain routing tables
routed maintains the routing information used by TCP/IP to send and forward packets on a network. routed deals only with dynamic routing; routes that are statically defined (that is, wired into the system’s routing table with the route command) are never modified by routed. routed is relatively stupid and inefficient, and we recommend its use in only a few specific situations. See page 351 for a more detailed discussion of routed.
gated: maintain complicated routing tables
gated understands several routing protocols, including RIP, the protocol used by routed. gated translates routing information among various protocols and is very configurable. It can also be much kinder to your network than routed. See page 352 for more information about gated.
named: DNS server
named is the most popular server for the Domain Name System. It maps hostnames into network addresses and performs many other feats and tricks, all using a distributed database maintained by nameds everywhere. Chapter 16, The Domain Name System, describes the care and feeding of named.
syslogd: process log messages
syslogd acts as a clearing house for status information and error messages produced by system software and daemons. Before syslogd was written, daemons either wrote their error messages directly to the system console or maintained their own private log files. Now they use the syslog library routine to transfer the messages to syslogd, which sorts them according to rules established by the system administrator.
See page 210 for more information about syslog.
fingerd: look up users
fingerd provides information about the users that are logged in to the system. If asked, it can also provide a bit more detail about individual users. fingerd does not really do much work itself: it simply accepts lines