Re: firewall

["Romanenko M.A." <mikhail@angg.ru>]

The better way (IMHO) is to remove x-bit from /etc/init.d/<file>, if you
don't
want to remove the package because of some reason.
# chmod 644 /etc/init.d/portmap

I don't believe it is the best way, but at least the unwanted daemon doesn't
restart after upgrade . (Package manager complains about it).

Mikhail.

----- Original Message -----
From: Adam Olsen <rhamph@d2dc.net>
To: <debian-security@lists.debian.org>
Sent: Tuesday, September 11, 2001 12:27 AM
Subject: Re: firewall


> On Mon, Sep 10, 2001 at 05:24:15PM +0100, Tim Haynes wrote:
> > Rishi L Khan <rishi@UDel.Edu> writes:
> >
> > > If you're not using sunrpc or lpd, I would turn them off. The way I do
it
> > > is turn off the services (/etc/init.d/portmap stop; /etc/init.d/lpd
stop)
> > > and then edit /etc/init.d/lpd and /etc/init.d/portmap and add a line
near
> > > the top that says "exit 0" (w/o quotes) so that when you restart, they
> > > don't come back.
> >
> > It should be sufficient to do
> >         update-rc.d -f portmap remove
> >         update-rc.d -f lpd remove
> >         update-rc.d -f bind remove
>
> As an aside, I did this with proftpd, but when I upgrade the install
> scripts restart it.  Is there a proper way way to deal with this?  Is
> there some debian policy relating to it?
>
> --
> Adam Olsen, aka Rhamphoryncus
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>