OK, I'm a bit of a newbie but have been reading quite a bit regarding iptables. I'm trying to secure my recent Debian3.0 install. I understand how the rules of iptables work but:

1. how can I verify that iptables is already installed?
2. One "how to" I read said iptables might be a module or compiled into the kernel. How do check to see if it's in the kernel?
3. I thought the "inetd.conf" file started all the services. However, ssh, telnet, finger are not even listed in this file. Where are those services started and how do I disable them?

This should get me started. I've pasted my "inetd.conf" file and the output to a "netstat -pant" command which shows some vulnerability (I think). I don't want to run any services. I only need to access the net.


*********************** here is the inetd.conf file

# /etc/inetd.conf: see inetd(8) for further informations.
#
# Internet server configuration database
#
#
# Lines starting with "#:LABEL:" or "#<off>#" should not
# be changed unless you know what you are doing!
#
# If you want to disable an entry so it isn't touched during
# package updates just comment it out with a single '#' character.
#
# Packages should modify this file by using update-inetd(8)
#
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#
#:INTERNAL: Internal services
#echo stream tcp nowait root internal
#echo dgram udp wait root internal
#chargen stream tcp nowait root internal
#chargen dgram udp wait root internal
discard stream tcp nowait root internal
discard dgram udp wait root internal
daytime stream tcp nowait root internal
#daytime dgram udp wait root internal
time stream tcp nowait root internal
#time dgram udp wait root internal

#:STANDARD: These are standard services.

#:BSD: Shell, login, exec and talk are BSD protocols.

#:MAIL: Mail, news and uucp services.
smtp stream tcp nowait mail /usr/sbin/exim exim -bs

#:INFO: Info services
ident stream tcp wait identd /usr/sbin/identd identd

#:BOOT: Tftp service is provided primarily for booting. Most sites
# run this only on machines acting as "boot servers."

#:RPC: RPC based services

#:HAM-RADIO: amateur-radio services

#:OTHER: Other services




******** here is the netstat -pant output:

(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:113 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:37 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:13 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:9 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:1024 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -