When determining whether to leave these services running, it is best to use common sense and err on
the side of caution. For example, if a printer is not available, do not leave cupsd running. The same is
true for portmap. If you do not mount NFS volumes or use NIS (the ypbind service), then portmap
should be disabled.
Red Hat Enterprise Linux ships with three programs designed to switch services on or off. They
are the Services Configuration Tool (redhat-config-services), ntsysv, and chkconfig. For
information on using these tools, refer to the chapter titled Controlling Access to Services in the Red
Hat Enterprise Linux System Administration Guide.
Figure 4-3. Services Configuration Tool
If unsure of the purpose for a particular service, the Services Configuration Tool has a description
field, illustrated in Figure 4-3, that may be of some use.
But checking to see which network services are available to start at boot time is not enough. Good
system administrators should also check which ports are open and listening. Refer to Section 5.8
Verifying Which Ports Are Listening for more on this subject.
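The portmap rule from earlier in this section can be checked mechanically. The following is an added example, not part of the original guide: it reads chkconfig --list style output and an fstab, and reports portmap when it is enabled although no NFS mount exists and ypbind is off. The sample data, the function names and the cups service name are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the guide). Sample data below is constructed.

# Constructed sample of `chkconfig --list` output.
SAMPLE_LIST='cups     0:off 1:off 2:on  3:on  4:on  5:on  6:off
portmap  0:off 1:off 2:off 3:on  4:on  5:on  6:off
ypbind   0:off 1:off 2:off 3:off 4:off 5:off 6:off
sshd     0:off 1:off 2:on  3:on  4:on  5:on  6:off
xinetd based services:
        telnet: off'

# Constructed sample /etc/fstab with local file systems only.
SAMPLE_FSTAB='# constructed sample
LABEL=/  /      ext3  defaults  1 1
none     /proc  proc  defaults  0 0'

# enabled_services LIST RUNLEVEL: names of SysV services "on" in RUNLEVEL.
enabled_services() {
    printf '%s\n' "$1" |
        awk -v tag="$2:on" '{ for (i = 2; i <= NF; i++) if ($i == tag) print $1 }'
}

# is_enabled LIST RUNLEVEL NAME: succeeds if NAME is on in RUNLEVEL.
is_enabled() {
    enabled_services "$1" "$2" | grep -qxF "$3"
}

# has_nfs_mount FSTAB: succeeds if a non-comment entry has type nfs.
has_nfs_mount() {
    printf '%s\n' "$1" |
        awk '$1 !~ /^#/ && $3 == "nfs" { found = 1 } END { exit !found }'
}

# audit_portmap LIST FSTAB RUNLEVEL: prints a finding when portmap is enabled
# although neither condition the guide names (NFS mounts, ypbind) applies.
audit_portmap() {
    if is_enabled "$1" "$3" portmap && ! has_nfs_mount "$2" &&
        ! is_enabled "$1" "$3" ypbind; then
        echo "portmap: on in runlevel $3, no NFS mount, ypbind off; review, then: chkconfig portmap off"
    fi
}

audit_portmap "$SAMPLE_LIST" "$SAMPLE_FSTAB" 3
```

On a live system, pass "$(chkconfig --list)" and "$(cat /etc/fstab)" in place of the sample variables.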
4.5.3. Insecure Services
Potentially, any network service is insecure. This is why turning unused services off is so important.
Exploits for services are revealed and patched routinely, making it very important to keep packages
associated with any network service updated. Refer to Chapter 3 Security Updates for more information
about this issue.
Some network protocols are inherently more insecure than others. These include any services which
do the following things:
• Pass Usernames and Passwords Over a Network Unencrypted — Many older protocols, such as
  Telnet and FTP, do not encrypt the authentication session and should be avoided whenever possible.
• Pass Sensitive Data Over a Network Unencrypted — Many protocols pass data over the network
  unencrypted. These protocols include Telnet, FTP, HTTP, and SMTP. Many network file systems,
  such as NFS and SMB, also pass information over the network unencrypted. It is the user's
  responsibility when using these protocols to limit what type of data is transmitted.
Chapter 4. Workstation Security