
Base Linux Processes

 
Vineet B
Greenhorn
Posts: 3
Hi
I am new to Linux and server admin tasks and need to set it up as a (low scale) server. I have a RH9 copy which I installed in its Server mode. It does start a lot of processes and services. I need to know which of the processes that are set up/started by default can be security hazards and should be turned off in a typical Linux server environment. Also, I would really appreciate it if someone could tell me about glaringly obvious pitfalls that I need to be aware of.
Thanks in advance.
--Vineet
 
Adrian Yan
Ranch Hand
Posts: 688
I run Debian, so I hope this helps. Look into your /etc/init.d directory; it contains all the scripts that control services. Then you need to go through the /etc/rc?.d directories and see how they link to those scripts, and turn them off as you go.
Maybe Red Hat has a different way of handling things.
 
Vineet B
Greenhorn
Posts: 3
Thanks Adrian.
How will I know which ones to turn off? I don't really know which NEED to remain on and which are usually turned off in a typical Unix/Linux server environment. Like, I know that I need to keep sshd on for secure logins etc. as well as shut off telnet, ftp from xinetd etc., but there are so many others that I don't know about, like atd - i.e. whether turning it off will screw up some system process that may use this. And yes, Red Hat does provide a chkconfig command to turn on/off services.
 
Adrian Yan
Ranch Hand
Posts: 688
I can't say which ones you should run or not; it depends on your needs. My suggestion is to turn off everything except SSH. That way, the system is pretty secure.
You don't need anything like telnet, ftp, ntp, smtp etc. unless you are absolutely sure you need them.
 
Vineet B
Greenhorn
Posts: 3
Thanks a lot Adrian !!
 
Alton Hernandez
Ranch Hand
Posts: 443
Be aware that there are system processes that are started from there. For example, syslog, lpd or iptables/ipchains may be one of them. You really have to look at them one-by-one to see which one you need. Although I can tell you that those services started by xinetd are probably not that important.
Perhaps you can list them here so that we can all discuss which ones you can turn off.
[ September 29, 2003: Message edited by: Alton Hernandez ]
 
Tim Holloway
Saloon Keeper
Posts: 18789
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/security-guide/
There are now a number of books available on the subject as well.
 
Adrian Yan
Ranch Hand
Posts: 688
Agree... you should always be careful when you do stuff like that.
Most of the security problems come with network services like sendmail, telnet, etc. That's another reason I use Debian for a minimum installation and add stuff as I go.
Also, check for security updates more often. I think Red Hat has a support page that gives all that information.
But usually, unless you are running a super multi-user environment, ssh should be the only process that accepts outside connections. Or, you can simply run everything in a chroot (jailed) environment; this is a pain in the ass from time to time, but definitely worth considering if you are really sensitive about it.
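
Added example (not part of the original thread): a small shell audit that follows the advice above by listing every service that `chkconfig --list` reports as on in a given runlevel and that is not on an allowlist. The sample output and the allowlist (sshd, syslog, iptables) are constructed assumptions; on a real host, pipe `chkconfig --list` into the function instead.

```shell
#!/bin/sh
# Audit `chkconfig --list` text against an allowlist. Read-only: it only
# reports candidates for review and changes nothing on the system.

# Constructed sample of `chkconfig --list` output (not from a real host).
SAMPLE_CHKCONFIG='syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
atd             0:off   1:off   2:off   3:on    4:on    5:on    6:off
lpd             0:off   1:off   2:off   3:off   4:off   5:off   6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
xinetd based services:
        telnet: on
        rsync:  off'

# Assumed allowlist: adjust to what this server actually has to provide.
ALLOW="sshd syslog iptables"

# audit_services RUNLEVEL ALLOWLIST
# Reads chkconfig --list text on stdin and prints, one per line, every
# service that is on in RUNLEVEL (or enabled under xinetd) and not allowlisted.
audit_services() {
    awk -v lvl="$1" -v allow="$2" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^xinetd based services:/ { in_xinetd = 1; next }
        in_xinetd {
            # xinetd lines look like "telnet: on"; they have no runlevels.
            name = $1; sub(/:$/, "", name)
            if ($2 == "on" && !(name in ok)) print "xinetd/" name
            next
        }
        {
            # SysV lines look like "sshd 0:off 1:off ... 6:off".
            for (i = 2; i <= NF; i++)
                if ($i == (lvl ":on") && !($1 in ok)) print $1
        }
    '
}

# Services to review for runlevel 3 in the constructed sample.
printf '%s\n' "$SAMPLE_CHKCONFIG" | audit_services 3 "$ALLOW"
```

Each name it prints is something to look up before deciding; a service that turns out to be unnecessary can then be disabled with `chkconfig <name> off`.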
 