Locking down RedHat
Andrew Bacchi
bacchi at rpi.edu
Tue Oct 25 12:58:43 UTC 2005
The short answer is only run the processes that you need. There will be
a difference in necessary processes between enterprises and even between
servers within an enterprise. As an example here is a part of my
kickstart file.
chkconfig --level 0123456 lpd off
chkconfig --level 0123456 netfs off
chkconfig --level 0123456 isdn off
chkconfig --level 0123456 wu-ftpd off
chkconfig --level 2345 sendmail on
chkconfig --level 2345 ntpd on
chkconfig --level 0123456 wine off
chkconfig --level 0123456 named off
You can see, I don't print from this server, so I shutdown lpd. Think
about what you use, and shutdown that which you don't. xinetd may be one
to consider.
On Tue, 2005-10-25 at 08:40, Shane Presley wrote:
> Anybody have any best practices/links to how to "lock down" RedHat?
> Serverices to consider shutting off from the default install, etc.
>
> Thanks
> Shane
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
--
veritatis simplex oratio est
Andrew Bacchi
Staff Systems Programmer
Rensselaer Polytechnic Institute
phone: 518 276-6415 fax: 518 276-2809
http://www.rpi.edu/~bacchi/
More information about the redhat-list
mailing list