Re: [gentoo-user] security: unwanted daemons
On Sat, 2003-11-22 at 01:01, Andrew Gaffney wrote: > Just because they are in /etc/init.d does not mean that they are running. They are > only > running if *you* did 'rc-update add default'. You can double check this by > running 'rc-status'. If they are not in the list, then they don't start by default. I often check what's on my own boxes by running nmap and nessus over the network. Nmap is a simple portscanner that will quickly show what ports are available. Nessus is a big-hammer security scanner. It will show you what's running, and any number of ways that a potential attacker could try to exploit your system. If you tell it not to be nice, it will actually try a few hundred exploits and tell you whether they worked. These tools are very useful and worth using if you're at all concerned about security. But, if you run them against someone else's machine, you will probably piss them off. For instance, if you happen to run nmap against my university's DNS servers, even from off campus, they will have your ISP call you for a little chat. Not that I'd know... :-) I don't even want to know what they'd have to say if I ran Nessus against one of their machines... -Luke -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] security: unwanted daemons
On Sat, 22 Nov 2003 11:46:26 +0100 mathieu perrenoud <[EMAIL PROTECTED]> wrote: > rc-status is in /bin and is part of the baselayout ebuild. I think this one is > included by default in gentoo. but if /bin/rc-status is not found, try > re-emerging baselayout. 'rc-update show' shows a list of services available on your system and at which runlevel they're started - or not. I do like the output much more than 'rc-status' :) -- Dennis Freise <[EMAIL PROTECTED]> GnuPG key fingerprint: 2DE8 CCEF 6E20 11D4 3B27 21EC B0BA 1749 D2C8 38ED Get my public key at : http://www.final-frontier.ath.cx/gpg_public_key.txt pgp0.pgp Description: PGP signature
Re: [gentoo-user] security: unwanted daemons
On Saturday 22 November 2003 09:18, [EMAIL PROTECTED] wrote: > >> i installed Gentoo 031015 & am very pleased with it, but still learning. > >> there are 4 daemons in /etc/init.d for remote access to my box: > >> sshd slapd slurpd rsyncd . i've checked their man pages > >> & all appear to be running as servers for things i don't need or want. > >> two questions: am i correct that i can remove these scripts from init.d > >> without interfering with the ordinary functioning of my system ? > >> and why are they set up by default on a Gentoo system, > >> when they cd cause a security problem for a naive -- mb me -- user ? > >> and perhaps a 3rd question: are there any other similar items in init.d > >> ? > > > > Just because they are in /etc/init.d does not mean that they are running. > > They are only running if *you* did 'rc-update add default'. > > yes, sorry for the rather naive question: > i knew re runlevels , but hadn't remembered re init.d . > > > You can double check this by running 'rc-status'. > > If they are not in the list, then they don't start by default. > > > rc-status > bash: rc-status: command not found > > don't you have to do it per daemon, eg '.../adsl status' ? you can do it per daemon, but rc-status will actually test the status of all services registered to your current runlevel. you can add a service to a runlevel with: rc-update add and remove it with rc-update del this will create/remove the symlink /etc/runlevels// you can add or remove the links there yourself if you don't want to use the rc-tools. but don't remove things in /etc/init.d rc-status is in /bin and is part of the baselayout ebuild. I think this one is included by default in gentoo. but if /bin/rc-status is not found, try re-emerging baselayout. -- mathieu -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] security: unwanted daemons
031122 Andrew Gaffney wrote: > [EMAIL PROTECTED] wrote: >> i installed Gentoo 031015 & am very pleased with it, but still learning. >> there are 4 daemons in /etc/init.d for remote access to my box: >> sshd slapd slurpd rsyncd . i've checked their man pages >> & all appear to be running as servers for things i don't need or want. >> two questions: am i correct that i can remove these scripts from init.d >> without interfering with the ordinary functioning of my system ? >> and why are they set up by default on a Gentoo system, >> when they cd cause a security problem for a naive -- mb me -- user ? >> and perhaps a 3rd question: are there any other similar items in init.d ? > Just because they are in /etc/init.d does not mean that they are running. > They are only running if *you* did 'rc-update add default'. yes, sorry for the rather naive question: i knew re runlevels , but hadn't remembered re init.d . > You can double check this by running 'rc-status'. > If they are not in the list, then they don't start by default. > rc-status bash: rc-status: command not found don't you have to do it per daemon, eg '.../adsl status' ? -- ,, SUPPORT ___//___, Philip Webb : [EMAIL PROTECTED] ELECTRIC /] [] [] [] [] []| Centre for Urban & Community Studies TRANSIT`-O--O---' University of Toronto -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] security: unwanted daemons
[EMAIL PROTECTED] wrote: i installed Gentoo 031015 & am very pleased with it, but still learning. there are 4 daemons in /etc/init.d for remote access to my box: sshd slapd slurpd rsyncd . i've checked their man pages & all appear to be running as servers for things i don't need or want. i do want to use 'ssh', but that's unaffected when i remove 'sshd'. two questions: am i correct that i can remove these scripts from init.d without interfering with the ordinary functioning of my system ? and why are they set up by default on a Gentoo system, when they cd cause a security problem for a naive -- mb me -- user ? and perhaps a 3rd question: are there any other similar items in init.d ? Just because they are in /etc/init.d does not mean that they are running. They are only running if *you* did 'rc-update add default'. You can double check this by running 'rc-status'. If they are not in the list, then they don't start by default. -- Andrew Gaffney -- [EMAIL PROTECTED] mailing list
[gentoo-user] security: unwanted daemons
i installed Gentoo 031015 & am very pleased with it, but still learning. there are 4 daemons in /etc/init.d for remote access to my box: sshd slapd slurpd rsyncd . i've checked their man pages & all appear to be running as servers for things i don't need or want. i do want to use 'ssh', but that's unaffected when i remove 'sshd'. two questions: am i correct that i can remove these scripts from init.d without interfering with the ordinary functioning of my system ? and why are they set up by default on a Gentoo system, when they cd cause a security problem for a naive -- mb me -- user ? and perhaps a 3rd question: are there any other similar items in init.d ? -- ,, SUPPORT ___//___, Philip Webb : [EMAIL PROTECTED] ELECTRIC /] [] [] [] [] []| Centre for Urban & Community Studies TRANSIT`-O--O---' University of Toronto -- [EMAIL PROTECTED] mailing list