nixCraft

Hi gurus!

I was asked to close all insecure or network services pose a security threat for Linux server. I was also reading somewhere that almost all network service is insecure so I must turning off unused services or not so important one. The idea is to keep exploits for services and patched under control…

The only problem is I don’t know which Linux network services pose a security threat?

Our server setup is CentOS linux (RHEL clone) and a 2 webserver and 1 mysql server.

Any network service which pass usernames/passwords over a network unencrypted is insecure. Examples:
telnet
ftp
all R services (rlogin/rsh)

etc. Disable these services. If you are using RHEL/Fedora Core/CentOS, tyep ntsysv command to disable all these services:

If you are using following services use firewall:

yservices (yppasswdd/ypserv/ypxfrd) - NIS
finger, identd
Network dump services (netdump/netdump-server)
Linux/UNIX Network file sharing (nfs/portmap etc)
sendmail
Samba

__________________
Rocky Jr.
You may have my body & soul, but you will never touch my pride!

If you have knowledge, let others light their candles at it.

Certified to work on HP-UX / Sun Solaris / RedHat