On Mon 11 Sep at 12:41:30 -0500 [EMAIL PROTECTED] done said:
> Howdy,
>
> I'm working on securing my server, one thing I'm doing (of course) is
> shutting down unneeded services. So I noticed these, among the standard ones
> like FTP (which we need):
>
> bismuth:~ # nmap -sT my_server's_IP
>
> 98 open tcp linuxconf
> 111 open tcp sunrpc
> 113 open tcp auth
> 515 open tcp printer
> 967 open tcp unknown
> 1024 open tcp unknown
>
>
> I do not want any of those running, if they aren't needed.

Check the chkconfig man page. You'll want to do a 'chkconfig --del
<service>' on all about which you're concerned. It'll simply remove the start
up scripts from a given runlevel so the service never starts, but if you
don't need the service, might as well get rid of the package.

> bismuth:~ # grep "1024" /etc/services
> # 1024/tcp Reserved
> # 1024/udp Reserved
> there's no entry in /etc/services for port 967 - what is it?
>
> I'm especially interested in shutting down sunrpc - I hear nothing but bad
> things about RPC, at least as far as security goes. We're not using NFS,
> nor NIS, or anything else that needs it (at least, not that I know of. Is
> it used for anything else?)

Get rid of any NFS server services running, but I think it also depends
on if the kernel's enabled with NFS server capabilities. So it might
take a kernel re-compile to get rid of that.

> Also, what's "auth" exactly, and why does linuxconf run as a server? Does it
> have to?

auth is provided by the pidentd package. Also, make sure everything's
commented out in your /etc/inetd.conf (do a 'kill -HUP inetd'
afterwards). I'd also strongly suggest getting ipchains going if you
haven't already done so.

Cheers,
-Charlie
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
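
An added example, not part of either message in the thread: a small shell audit that lists the services still active in an inetd.conf and flags scanned TCP ports that have no live entry in a services file, as with 967 and 1024 in the scan above. The function names and both sample files are constructed for illustration; point the functions at /etc/inetd.conf and /etc/services to check a real host.

```shell
# Print the service name of every active (non-blank, uncommented) inetd.conf line.
active_inetd_services() {
    awk 'NF && $1 !~ /^#/ { print $1 }' "$1"
}

# Print each given TCP port that has no active entry in a services-format file.
# Commented entries such as "# 1024/tcp Reserved" do not count as a match.
unnamed_tcp_ports() {
    svc_file=$1; shift
    for port in "$@"; do
        awk -v want="$port/tcp" '$1 !~ /^#/ && $2 == want { found = 1 } END { exit !found }' \
            "$svc_file" || echo "$port"
    done
}

# Write constructed sample files (not copies of any real system) into directory $1.
make_samples() {
    cat > "$1/inetd.conf" <<'EOF'
# inetd.conf (constructed sample)
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
#telnet stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
auth    stream  tcp  nowait  nobody  /usr/sbin/in.identd in.identd
  # linuxconf stream tcp wait root /bin/linuxconf linuxconf --http
EOF
    cat > "$1/services" <<'EOF'
linuxconf  98/tcp
sunrpc     111/tcp   portmapper
sunrpc     111/udp   portmapper
auth       113/tcp   authentication tap ident
printer    515/tcp   spooler
# 1024/tcp Reserved
# 1024/udp Reserved
EOF
}

# Demo run over the constructed samples, using the port list from the scan.
tmp=$(mktemp -d) && make_samples "$tmp"
echo "Still active in inetd.conf:"
active_inetd_services "$tmp/inetd.conf"
echo "Open ports with no services entry:"
unnamed_tcp_ports "$tmp/services" 98 111 113 515 967 1024
rm -rf "$tmp"
```

A port flagged by the second function is only unnamed, not identified; finding the owning process is a separate step on the host itself.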