securing my box [Archive] - Web Hosting Talk

Tim Greer

01-30-2002, 10:26 PM

Originally posted by Memento
i have a linux box redhat 7.1 with my cable modem. How to close risky-ports?

Check to see if you have an /etc/inetd.conf file and comment out any unwanted service that way. Then do a KILLHUP to restart that service with the changes.

Check for any services you don't want or need in the appropriate run level that you're using. You can also do this via /sbin/chkconfig (you can use the --list) option to see what are enabled. You can then use it to disable or remove them from the appropriate run level using that same tool.

Check your /etc/xinetd.d directory and remove or disable any service there you don't want.

Make sure there's no extra programs/services running otherwise.

Make sure there's no programs/services running that open up connections to your system that you don't need.

Implement some firewall rules to keep everyone but you out and configure it accordingly to allow what you need in, in.

Configure any services you need or want, to not allow people to abuse them or use them to access your system in any manner you don't specifically want them to. If you do, make sure you only allow them to do what you want in a controlled manner, of course.

Control is the key, it's your system, you control it. Reboot your system after making the appropriate changes and make sure everything's where it should be and how it should be. The fact that this is a home system makes it a lot easier to secure, and takes less configuring of a lot of things, than say it would be for a web server. You don't have any need or reason to offer a lot of the things a web server would, so you have a considerable amount less work to do.