Re: Re:Re: Beginning to try to secure my box. Thanks so far

To: arthur_dent <arthur_dent@xtra.co.nz>
Cc: debian-user@lists.debian.org
Subject: Re: Re:Re: Beginning to try to secure my box. Thanks so far
From: bill traynor <btraynor@rogers.com>
Date: 07 Jun 2002 22:36:46 -0400
Message-id: <[🔎] 1023503806.708.17.camel@akira>
In-reply-to: <[🔎] 20020608022914.ZQRG26159.mta2-rme.xtra.co.nz@there>
References: <[🔎] 20020605101951.BWNW2990.mta5-rme.xtra.co.nz@there> <[🔎] 874rghu8da.fsf@aldur.ephishmsee.com> <[🔎] 20020608022914.ZQRG26159.mta2-rme.xtra.co.nz@there>

On Fri, 2002-06-07 at 22:15, arthur_dent wrote:
> Thanks so far to all who replied to my earlier post asking about uninstalling 
> a few services/programs  to try to secure this box.
> 
> I have downloaded and printed out the Securing Debian Manual and am beginning 
> to wade my way through. My biggest problem here is the assumptions the 
> authors make about the level of knowledge that the reader will have about 
> Debian/Linux ...there are a lot of things they make reference to that I have 
> no idea about...:-) But I will in time.
> 
> I have also installed from cd the Hardening Docs and will begin reading those 
> too.
> A couple of the replies mentioned that I could disable services in the 
> inetd.conf file. Below is a copy of mine, how do I know what I need and dont 
> need?

You may want to take a look at Securing and Optimizing Redhat Linux by
Gerhard Mourani at
http://www.tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/ although this book is Redhat specific, if provides a general overview of what you need/don't need.


> 
> Thanks for any help.
> # /etc/inetd.conf:  see inetd(8) for further informations.
> #
> # Internet server configuration database
> #
> #
> # Lines starting with "#:LABEL:" or "#<off>#" should not
> # be changed unless you know what you are doing!
> #
> # If you want to disable an entry so it isn't touched during
> # package updates just comment it out with a single '#' character.
> #
> # Packages should modify this file by using update-inetd(8)
> #
> # <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
> #
> #:INTERNAL: Internal services
> #echo		stream	tcp	nowait	root	internal
> #echo		dgram	udp	wait	root	internal
> #chargen	stream	tcp	nowait	root	internal
> #chargen	dgram	udp	wait	root	internal
> discard		stream	tcp	nowait	root	internal
> discard		dgram	udp	wait	root	internal
> daytime		stream	tcp	nowait	root	internal
> #daytime	dgram	udp	wait	root	internal
> time		stream	tcp	nowait	root	internal
> #time		dgram	udp	wait	root	internal
> 
> #:STANDARD: These are standard services.
> 
> #:BSD: Shell, login, exec and talk are BSD protocols.
> 
> #:MAIL: Mail, news and uucp services.
> smtp		stream	tcp	nowait	mail	/usr/sbin/exim exim -bs
> 
> #:INFO: Info services
> ident		stream	tcp	wait	identd	/usr/sbin/identd	identd
> 
> #:BOOT: Tftp service is provided primarily for booting.  Most sites
> # run this only on machines acting as "boot servers."
> 
> #:RPC: RPC based services
> 
> #:HAM-RADIO: amateur-radio services
> 
> #:OTHER: Other services
> vboxd	stream	tcp	nowait	root	/usr/sbin/tcpd	/usr/sbin/vboxd
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 



-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Beginning to try to secure my box.
  - From: arthur_dent <arthur_dent@xtra.co.nz>
- Re: Beginning to try to secure my box.
  - From: marshal@h9.dion.ne.jp
- Re:Re: Beginning to try to secure my box. Thanks so far
  - From: arthur_dent <arthur_dent@xtra.co.nz>

Prev by Date: Re: X server problems in Woody
Next by Date: Re: this post is not off-topic
Previous by thread: Re:Re: Beginning to try to secure my box. Thanks so far
Next by thread: Re: Beginning to try to secure my box. Thanks so far
Index(es):
- Date
- Thread