Basic OS Security - Redhat 9 firewall Machine; and Thanks Mr.Karasik

Karasik, Vitaly vkarasik at nds.com
Tue Oct 19 11:16:04 UTC 2004 

> 
> My special thanks to Mr. Vitaly Karasik for helping me with
> the syslogging and logrotate. The articles are good. I have
> some issues but I will respond after I finish with those articles.

you're welcome!


Regarding to fw & running services:
- switching to text virtual console doesn't stop X Window [KDE/GNOME], in order to stop X Window you should run your linux box in "runlevel 3" 
- here you can read intro about securing linux box:
http://post.doit.wisc.edu/linux/secure.html Securing a Default Install of Red Hat Linux 8.0 or 9.0
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/security-guide/  Red Hat Linux Security Guide

sites like http://securityfocus.com/  & books  will provide  with more or less systematic overview security issues

Rgds,
Vitaly

> 
> 
> ---------------------------Problem----------------------
> 
> I run an IPtables fireall on a default installation of Redhat
> 9 on my desktop. The machine DO NOT have any other function. 
> 
> Since my experience in the Linux world was humble, I chose to
> install everything during installation of the OS. {especially
> since I felt most of the necessary rpms will be installed that
> way}.
> 
> I would like to seek your advise on the services that I should
> stop for safety of the firewall. I noted some of the functions
> that I read from the GUI services tool. The services running are
> 
> (1) anacron;  (2) apmd(monitoring battery); (3) atd (runs
> command scheduled by 'at'); (4) autofs; (5) cron; 
> 
> (6) cups(I stopped it as I have no printer); (7) GPM(mouse
> support for text based linux app); (8) hpoj; (9) irqbalance;
> (10) isdn (stopped); 
> 
> (11) keytable; (12) netfs; (13) nfslock; (14) portmap; (15)
> rendow; 
> 
> (16) rawdevices; (17) sendmail (I stopped it); (18) sgi_fam;
> (19) spamassasin; (20) xinetd
> 
> B) 
> 
> I dont need the GUI any more. Does running the firewall in
> command line mode offer more protection? Now the KDE is
> running. {If I go to command line with <shift> + F5 key will
> it offer more protection?}
> 
> 
> Thanks.
> Menon
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 
***********************************************************************************
Information contained in this email message is intended only for use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the postmaster at nds.com and destroy the original message.
***********************************************************************************

More information about the redhat-list mailing list