As an administrator,  you wouldn’t want external users to access a new service while you are setting it up. In such cases, you might want to bind the service to loop-back address (127.0.0.1) until you are sure that service is functional and not vulnerable. As a Desktop user, to increase security of the system, you can turn off unused services and change the bind address to loop-back for the servers that are not expected to be accessed from outside.

Coming to the actual topic of changing bind address of a service under xinetd, you need to add a line similar to the following in the corresponding service file present in /etc/xinetd.d directory.

For example, I have VMWare server installed in my system and it starts vmware-authd service under xinetd. This service automatically binds to “any” address leaving the port open to external users. If I don’t want any external access to my service, I can change the bind address to loopback address.

[root@techpulp ~] cat /etc/xinetd.d/vmware-authd
# default: on
# description: The VMware remote access authentification daemon
service vmware-authd
{
disable         = no
port            = 908
socket_type     = stream
protocol        = tcp
wait            = no
user            = root
server          = /usr/sbin/vmware-authd
type            = unlisted
bind            = 127.0.0.1
}
[root@techpulp ~]#