System Guide
Using scripts to enhance security features
Common Controller
•
Rlogon
•
TNAME
•
Rstatd
•
Sadmin
•
Fs
•
Amiserv
•
Rpc.cmsd
•
Tooltalk database server
•
KCMS profile server
•
Anonymous ftp
•
Remote diagnostics
•
Removal of + from the hosts.equiv file
•
Anonymous lp
•
NFS server services
•
Nuucp account disabled
•
Listen account disabled
•
Password entry locked for bin, sys, adm, uucp, nobody,
noaccess, nobody4, and anonymous
•
Disallow all users for at, cron, and batch
•
Bwfns (no longer required for DigiPath)
Solaris services disabled: S40llc2, S47asppp (remote
diagnostics), S70uucp, S711dap.client (LDAP daemon),
S72autoinstall, S72slpd, S74xntpd, S80spc, S90wbem,
S15nfs.server (NFS Server; must be enabled for DigiPath),
S76snmpdx, S77dmi, and S80mipagent
NOTE: The new scripts are explained in greater detail later in
this document.
The Xerox DocuSP Security Script (XDSS) is comprised of
several scripts to that are located in the /opt/XRXnps/bin
directory. These scripts enhance security features and must be
run when you are logged in as root. This section explains the
public scripts that are available and the features they include.
Security and Network Setup
4-7