July 24th, 2001, 10:46 AM
Which (Linux) services do i really need ?
I have had my Linux (RH6.2) box for some time now and have put in a lot of effort to make sure it's as secure as possible, although it's an ongoing process. I keep looking at the /etc/services file, and am wondering just what I can safely remove before I lock myself out of the box completely. Is there a newbie guide somewhere that can help me ?
July 24th, 2001, 12:45 PM
It would be alot easier if you started with any *BSDs. Like a firewall policy, you *should* deny everything by default, then allow appropriate ports for connection.
Similarily, any *BSDs has a better default installation which doesn't enable most services by default. Often, it disables everything by default (even SSHd). You just have to manually enable the services you really needed.
>> am wondering just what I can safely remove before I lock myself out of the box completely
If you have physical access to your box, you can safely disable everything (even inetd) and enable the ones you really needed.
>> have put in a lot of effort to make sure it's as secure as possible
To make your Redhat box as secure as possible, disabling services is insufficient. There are tons of vulnerabilities and bugs all over (Redhat especially), so you really need to keep track of all possible bugs and apply appropriate patches accordingly.