Considering this is a newbie list, and I myself am a newbie, please feel
free to correct anything that is not entirely correct. Also, you should
yell at me for anything that is blatantly wrong!
Comments are inline:
> I actually did the upgrade instead of upgrading just the kernel, but I
> regret doing so. I had to sit there and uninstall all the extra stuff
> that RH insists on installing. From now on, I'm sticking to
> Slackware.
What made you decide to do this. Did you need upgraded components? Were
there certain components you needed? If so, why didn't you use the rpm
command from 5.2 to install the 6.0 packages instead of using the RH GUI
install?
> After the upgrade, I wanted to make sure I turned off all the extra
> services I did not need (named and httpd for example) as I am
> running most of them on other machines (mail on one machine,
> dns on other two machines, etc).
Makes sense to me.
> inetd
> # I went through this file and turned everything off but
> # telnet and ftp, unless I decide to turn both of them off
> # as well and stick to SSH.
You absolutely HAVE to run inetd. It is not only responsible for ftp and
telnet, it is responsible for all sockets. That means, if you want anyone
or anything to connect to your box or even talk to your box you have to
run inetd. man inetd for more info
> routed -g
> # ip forwarding, I'm guessing
> # I have this on as I intend, eventually, to run Ipchains.
This manages more than just IPforwarding. It is responsible for the
routing tables. I would describe this as important.
>
> lpd
> # no idea what this is. Printer?
> # Whatever it is, can I turn it off?
Yes, that's exactly what it is. There is no security issue here, period.
Moreover, I am not aware of how you disable it if you have no intention of
printing. Also, depending on your trusts - it might be needed to print off
of trusted servers.
>
> sendmail: accepting connections on port 25
> # Can I turn this off? Or do I need it to run internal mail on
> # the machine? I am planning on having an internal mail
> # server take care of mail, and then when I am logged on
> # to connect to my remote mail server and send the
> # queued mail out. I'm told it's possible.
> # Reading the Sendmail book, by OReilly, it explains how
> # to build a sendmail.cf file which would allow for a mail
> # hub, but I suppose I'd still need sendmail on every
> # machine.
Let me sum it up. As far as I know, you cannot receive mail on a machine
w/o having some mailer daemon. In this case, you have sendmail loaded.
This should be no problem. Just because you have sendmail running doesn't
mean this machine is your E-mail hub. This usually has more to do with how
your topology is setup, specifically what machine(s) is connected to your
router etc.
>
> gpm -t ms
> # I'm guessing this is the mouse program.
> # Can I turn this off, since I have no mouse?
This isn't for your mouse. This is a menu/admin program that you can use a
mouse in. Like a miniX for administration. You should be able to remove
gpm also.
>
> mingetty tty1
> mingetty tty2
> mingetty tty3
> mingetty tty4
> mingetty tty5
> mingetty tty6
> # virtual consoles
>
> in.telnetd
> # no idea, but I am guessing it's the telnet daemon, since I
> # telnetted into the gateway from another machine from
> # the network -- too lazy to swap monitor.
>
Yup.
> I'm looking around the internet for some good files that explain how
> to properly secure your machine when connected to the internet
> (eventually it will be online full time). In the mean time if anyone
> has any suggestions or a URL that I could follow, I'd mighty
> appreciate.
Check rootshell for all cracks that would pertain to your machine. Then,
find the patch and install it. The other place I would check is AntiOnline
whether you have good feelings for JP or not. Lastly, cert has both a site
and I think a list. You can reach them at www.cert.org. Caveat emptor:
Security is a full time job 24/7. Why do you think it is, that so many
boxes get cracked.
Good luck.
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.linux-learn.org/faqs
