Securing Ports

[Lars Nordin]

On Monday 07 November 2005 01:18 pm, Rhugga Harper wrote:
> Well it could be in several places. For starters, disable unecessary
> services in the /etc/xinetd.d directory (or even disable xinetd completely
> if it isn't needed). Then disable any services that are started via
> /etc/init.d. (Easy way is to use chkconfig, see whats enabled at what run
> levels and tweak accordingly)
> 
> Using lsof, you can see what processes have listenning sockets and you can
> use this as a complete list of IP services.
> 
> -Chuck

I would just add that after you have turned off unecessary daemons (win-speak: 
services) via xinetd or the init scripts that next I would use tcpwrappers or 
firewalling to limit access for running services to the hosts that you want 
to grant access. Doing both my seem exsessive but there is defense in depth. 
See any Linux security site for documentation and tools to help you do this.
Nessus is a great scanning tool to show you what is open and potential issues 
with that server.