Tips Linux Explorers   All Things Linux Forum   Great Linux Links   LinuxClues.com   Hometown   Email 



SECURITY: SERVICES STARTED AT BOOT


Surely you are aware that at boot a good number of services are started, most of them you will see in the bootmessages.
The story is that you do not need all those that are being started, you do need most of them but you can do some weeding out of the ones you do not need and are possibly a security risk.
( It can even reduce the time it takes to boot . . however, do not expect too much here, this will only be a few seconds )

Let me first list a few services you DO need and therefore should NOT deactivate:

QUOTE (Bruno @ Tips)
apmd : Advanced Power Management Daemon
atd : daemon for the at command. Runs "one-off" scheduled operations outside the cron daemon, as set by the command line.
crond : provides a daemon to perform scheduled operations without user interaction
daytime : provides the system's notion of the time of day
echo : displays a line of text
fam : the File Alteration Monitor. This server tracks changes to the filestystem, passing the information along to the appropriate application.
keytable : provides the appropriate keyboard mapping
partmon : monitors the contents of a partition, preventing writing : 0 byte files when the partition is full
random : random number generator
syslog : a system-wide logging utility
xinetd : the Extended Internet Services Daemon


Now, I will take as an example, Mandrake and PCLos, because they are very similar. Most other distros have equivalent tools to shut services down and stop them from starting at boot. In Slackware it is a bit more complicated but real Slackers will find a way to get the job done anyway.

So, in Drake & PCLos . . . . in the menu under "Configuration" you will find "Configure your Computer" this brings up the Master Control Center ( same as MCC in Drake ) and there under "System" you have "DrakXServices" . . this brings up a GUI with all the services running ( or not ) and there is an info button at every item . . also there is a stop-button for every service where you can temporary stop the service and see if it affects the smooth running of your system ( on a reboot it will start again if you leave the checkmark . . the trick is: Note down every change you make ! Only if you are 100% sure you take away the checkmark !


-- A few services that are running by default in PCLos and that you can safely disable are:

hpoj ( If you do NOT have a HP printer )
nfs ( to comunicate with other Linux computers on a network )
nfslock ( idem )
portmap ( server stuff )
postfix
smb ( if you do not run samba to comunicate with a Windows computer on the network )
swat ( also samba related, admin tool for samba )
wlan ( wireless lan config/activate etc. )


-- You DO need:
alsa
anacron
atd
crond
cups
devfsd
dm
fam
gmp
internet
iptables ( for the firewall to work )
keytable
kheader
pcscd
random
rawdevices
services
slpd
sound
tmdns
xfs
xinetd

That is all for today ! . . Next time we will look at Servers/services.


Okay, to give a little hint to you Slackware users: to disable a service from starting at boot look in the /etc/rc.d/ directory . . they will be there, as an example, to safely prevent sendmail from starting at boot ( you do not need sendmail to send mail ) and be sure that you can put it back on if you find that you made a mistake disabling it, do:

CODE
#  mv  /etc/rc.d/rc.sendmail  /etc/rc.d/rc.sendmail.OLD

To restore to the previous situation you simply do
 
CODE
#  mv  /etc/rc.d/rc.sendmail.OLD  /etc/rc.d/rc.sendmail



Have FUN securing your system !


Bruno


-- Apr 14 2004 ( Revised Dec 13 2005 ) --


Tips Linux Explorers   All Things Linux Forum   Great Linux Links   LinuxClues.com   Hometown   Email