LinuxSA Mailing list archives
Index:
[thread]
[date]
[subject]
[author]
From: Geoffrey D. Bennett <g@netcraft.com.au>
To : Ismail Ibrahim <mi-mi@sbs.itc.usm.my>
Date: Mon, 7 Jul 1997 20:47:48 +0930 (CST)
Re: Security
> > You should also remove or disable any incoming services that you don't
> > use (eg. rlogin, rsh, telnet, ftp, talk, sendmail, pop, imap, http,
> > samba, etc).
>
> OK, I intend to disable some of these services, but how do I do that?
For rlogin, rsh, telnet, talk, the best way is to edit /etc/inetd.conf
and put a hash mark ("#") at the start of the appropriate line, then
restart inetd ("ps aux | grep inetd" and
"kill -1 whatever-inetd's-pid-is"). This leaves those servers
installed, but they can't be used.
For ftp, pop, imap, http, and samba the best way is:
rpm -e wu-ftpd
rpm -e imap
rpm -e apache
rpm -e samba (unless you need the samba client)
This method completely removes those servers from your system (don't
worry, RPM makes it just as easy to reinstall them :).
If you need the samba client, but not the server:
cd /etc/rc.d/rc3.d
mv S91smb s91smb
cd ../rc5.d
mv S91smb s91smb
This disables the server from starting up.
> > Yep. One to set up the shadow file, and another to set the
> > permissions on the backup and/or shadow file correctly.
>
> Great!, I thought I had to recompile the programs to use shadow
> password.
Nope. That is the beauty of PAM (Pluggable Authentication Module).
Anything compiled to use it (like Red Hat's telnet, ftp, samba, etc
servers) will use whatever authentication scheme you have installed.
> One other thing..whenever I boot up Linux (before I had installed a
> network card), one of the messages that scroll down the screen says:
>
> sysquery: sendto 198.41.0.4
>
> This turned out to be one of the root servers: a.root-servers.net
> Does it have to do this?
Did it go away when you installed a network card? Do you have bind
installed?
Regards,
--
Geoffrey D. Bennett (geoffrey@netcraft.com.au)
Computer Systems Manager, NetCraft Australia
http://www.netcraft.com.au/geoffrey/
Red Hat Linux Resellers: http://www.netcraft.com.au/redhat/
Index:
[thread]
[date]
[subject]
[author]
Return to the LinuxSA Mailing List Information Page