Once your Linux server is active and operational. And you want to safe as possible. However, what the service should be terminated (permanently) that remain secure and how to stop it? Of course, how to stop a service depends on the distribution you use. Not all the same, but most of the service can be stopped using the init.
On the Ubuntu machine, you can stop the service with the command sudo / etc / init.d / command_line stop. At the Red Hat distribution. You can stop them (as root) with the command / etc / rc.d / init.d / command_name stop. Here are the commands you can use to stop the service which can be dangerous to the security server, so you can more safely.
Sendmail
That we must admitted sendmail unless you know the outside in, then you should not use it. Sendmail has much famous rift security. So soon may stop immediately. Sendmail can be stopped with the command / etc / init.d / sendmail stop. Now if you need a mail server, move to Postfix or other mail daemon that is easily secured and configured
NFS
Do not be wrong. You may use it often, but the NFS daemon vulnerable to exploitation. To stop you must stop the NFS and NFS Portmap. Both can be stopped by using the command / etc / init.d / portmap and / etc / init.d / nfs stop
Chargen
By default this service is not running. However, if you get it running, then it is not good. Chargen is used for test purposes, for example, the bandwidth test. To stop this service, run the command / etc / init.d / stop chargen
Ypbind
This daemon binds NIS clients to NIS domain. If you do not use NIS, this service can be stopped. This service can cause some problems, such as vulnerability when there are some remote connection, memory corruption, and other. To stop the ypbind, run the command / etc / init.d / ypbind stop
Sshd
Many administrators who depend on access to sshd on the remote machine. If you do not do that then it's good not to run the daemon. Although OpenSSH is quite secure, vulnerabilities are still there. If you need to run the sshd daemon, make sure to disable root access first and OpenSSH server always updated with the latest release. To stop the sshd daemon, run the command / etc / init.d / sshd stop
Anacron
Service has one function, namely to run a cron job is scheduled when your system down. First and most important is, your system probably will never be down. Service is not necessary, and like much other service, can be exploited. Stop this service with the command / etc / init.d / anacron stop
ATD
This command control the service at the sort, check, or remove the work will be done next. Many people who do not use the at command, and because of what the ATD can be done by cron, then this service can be stopped. To stop the run ATD command / etc / init.d / stop ATD
Routed
Is the server you need to update routing table automatically? Routing on the Linux system can be well exploited and RIP (the protocol used by routed) does not have any authentication in it. So unless you are using Linux as a router, just stop this service. The command / etc / init.d / routed stop will overcome your problem.
SNMPD
When runs this daemon waiting request SNMP to monitor the system. Usually you do not need this unless you need to monitor a remote server. There is a lot of exploitation in the SNMP out there so you might want to think twice if you want to run it on machines that can be accessed from other places. To stop this daemon, run the command / etc / init.d / snmpd stop
Rsync
You may occasionally use rsync. But, this can be replaced with scp (secure copy of the secure shell) with so many weaknesses rsync, then certainly you need to stop it. By running the command / etc / init.d / rsync stop you can feel safe.
That is the list of services that can be terminated to make Linux more secure server, you may ask how that does not need to re-run all the command and if in fact you have to re-boot. On the Ubuntu machine, you can run the command sudo update-rc.d-f remove APPNAME (which is the name of the service APPNAME that removed) that would remove the service from the process of booting
On the Fedora machine, you can run the tool using the Services ) in the service who do not want to run, thenGUI, remove the check ( saved. Or you can use the ntsysv. With ntsysv, you can find the service that is run when booting, select, and press space to stop the service (service that has run the star) and then exit the application. In addition to more secure, the less the service is run when booting, it will be faster to boot your machine. So stopping the service does not need is a win-win solution.
On the Ubuntu machine, you can stop the service with the command sudo / etc / init.d / command_line stop. At the Red Hat distribution. You can stop them (as root) with the command / etc / rc.d / init.d / command_name stop. Here are the commands you can use to stop the service which can be dangerous to the security server, so you can more safely.
Sendmail
That we must admitted sendmail unless you know the outside in, then you should not use it. Sendmail has much famous rift security. So soon may stop immediately. Sendmail can be stopped with the command / etc / init.d / sendmail stop. Now if you need a mail server, move to Postfix or other mail daemon that is easily secured and configured
NFS
Do not be wrong. You may use it often, but the NFS daemon vulnerable to exploitation. To stop you must stop the NFS and NFS Portmap. Both can be stopped by using the command / etc / init.d / portmap and / etc / init.d / nfs stop
Chargen
By default this service is not running. However, if you get it running, then it is not good. Chargen is used for test purposes, for example, the bandwidth test. To stop this service, run the command / etc / init.d / stop chargen
Ypbind
This daemon binds NIS clients to NIS domain. If you do not use NIS, this service can be stopped. This service can cause some problems, such as vulnerability when there are some remote connection, memory corruption, and other. To stop the ypbind, run the command / etc / init.d / ypbind stop
Sshd
Many administrators who depend on access to sshd on the remote machine. If you do not do that then it's good not to run the daemon. Although OpenSSH is quite secure, vulnerabilities are still there. If you need to run the sshd daemon, make sure to disable root access first and OpenSSH server always updated with the latest release. To stop the sshd daemon, run the command / etc / init.d / sshd stop
Anacron
Service has one function, namely to run a cron job is scheduled when your system down. First and most important is, your system probably will never be down. Service is not necessary, and like much other service, can be exploited. Stop this service with the command / etc / init.d / anacron stop
ATD
This command control the service at the sort, check, or remove the work will be done next. Many people who do not use the at command, and because of what the ATD can be done by cron, then this service can be stopped. To stop the run ATD command / etc / init.d / stop ATD
Routed
Is the server you need to update routing table automatically? Routing on the Linux system can be well exploited and RIP (the protocol used by routed) does not have any authentication in it. So unless you are using Linux as a router, just stop this service. The command / etc / init.d / routed stop will overcome your problem.
SNMPD
When runs this daemon waiting request SNMP to monitor the system. Usually you do not need this unless you need to monitor a remote server. There is a lot of exploitation in the SNMP out there so you might want to think twice if you want to run it on machines that can be accessed from other places. To stop this daemon, run the command / etc / init.d / snmpd stop
Rsync
You may occasionally use rsync. But, this can be replaced with scp (secure copy of the secure shell) with so many weaknesses rsync, then certainly you need to stop it. By running the command / etc / init.d / rsync stop you can feel safe.
That is the list of services that can be terminated to make Linux more secure server, you may ask how that does not need to re-run all the command and if in fact you have to re-boot. On the Ubuntu machine, you can run the command sudo update-rc.d-f remove APPNAME (which is the name of the service APPNAME that removed) that would remove the service from the process of booting
On the Fedora machine, you can run the tool using the Services ) in the service who do not want to run, thenGUI, remove the check ( saved. Or you can use the ntsysv. With ntsysv, you can find the service that is run when booting, select, and press space to stop the service (service that has run the star) and then exit the application. In addition to more secure, the less the service is run when booting, it will be faster to boot your machine. So stopping the service does not need is a win-win solution.
Comments
Post a Comment