Re: services I don't need - turn them off?!?!?!
Hi,
There are two ways to turn off services in inetd.conf and in the /etc/rc.d/*.
As you've discovered you can turn off any service which is controlled by the super-server inetd by commenting it out and then restarting inetd e.g kill -HUP `cat /var/run/inetd.pid`.
Servers which are not controlled by inetd are started through the configuration scripts. These are stored in /etc/rc.d/init.d and are executed at the runlevel the system is in: so for example if the system is in runlevel 3 then the scripts in /etc/rc.d/rc3.d are run. You can find out what runlevel your system is in currently with the command runlevel and can find the default level the system will switch into by inspecting /etc/inittab; so for example mine shows that level 3 is the standard level on my system:
id:3:initdefault:
So to stop a particular server starting you need to find the script that starts it in the right runlevel directory and remove the symlink. Shutdown to single user level and then come back up and the server should be no more.
Hope this helps,
Steve
On Sat, Dec 11, 1999 at 04:09:24PM -0800, Lev Lvovsky wrote:
> Hello,
>
> for the sake of knowing how to do such thigns, I'd like to turn off some
> services that I feel comprimise my server security, and aren't being used.
>
> with portscan, this is what I get from a non-local host.
> 9 -> discard
> 13 -> daytime
> *21 -> ftp
> *22 -> ssh
> *23 -> telnet
> *25 -> smtp
> 37 -> time
> 53 -> domain
> 79 -> finger
> *80 -> www
> *110 -> pop-3
> 111 -> sunrpc
> 113 -> auth
> 512 -> exec
> 513 -> login
> 514 -> shell
> 515 -> printer
>
> the ones with the *'s are the things I KNOW I need...I'm sure there are
> others that I need.
>
> the most annoying one is the sunrpc...i've tried renaming portmap, and
> restarting inetd, but it's still there.
>
> thanks for any help!
> -lev
>
>
> --
> Unsubscribe? mail -s unsubscribe debian-user-request@lists.debian.org < /dev/null
>
Reply to: