Linux - Security: This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I have just installed Slackware 9.1 after using SuSE almost exclusively for over a year. I've been able to get my firewall set up using various guides, but I'm having a slight problem with another area of security.
I know I should disable unnecessary services, and I know how to disable them. The part that gets me is figuring out which are unnecessary. Most of the documentation I've been able to find isn't very clear on this.
My computer is not part of any network, and I am not using it as a server in any way. I use it to access the internet and do all the usual things one does with a desktop computer, nothing more.
Does that mean I can just disable all of them (I'm thinking yes)?
You have 2 ways of taking this forward:
1. Go to www.google.com and/or www.google.com/linux and do a search on each service. Once you know what they are, you can decide if they are necessary. E.g., I have disabled apache because I don't run a webserver.
2. List the services, we can try to tell you what they are, then you can do as above.
All services can be disabled. Make sure you remove the startup script in /etc too. BSD-init is so nice, you can just chmod a-x them and they won't start. A good way to find the services you have running is 'netstat -ln'. Then do a 'ps aux' to find the pid and then 'kill -15 PID' putting in the PID. Then remove the startup script. I also am annoyed that lots of distributions don't give you the choice of running services.
When I did a reboot I got a ton of error messages, sound no longer worked, and I couldn't get online.
To restore things back to how they were I deleted the inetd.conf, and renamed the inetd.conf.old back to just inetd.conf.
Then I rebooted, but all the errors are still there, so I've got to be missing something. I guess it serves me right for entering commands with no understanding of what they do, but if anybody can help me I would really appreciate it.
I generally don't like moving inetd.conf and making a blank one, I just comment the needed lines (all of them) out, and remove it from startup scripts. What inetd is: a superdaemon of sorts, to get and sort incoming data; it basically takes the edge off of high-demand servers. You definitely don't need it. Even if you use one or two services, you probably don't need it.
And that won't disable all services nine times out of ten. Post your error messages. And maybe check out this guide: Slack Hardening. It offers a simple command-by-command walkthrough of securing your system. Make sure you understand what those commands do beforehand, though!
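The checks suggested in the replies above (reading `netstat -ln`, commenting out inetd.conf entries, and clearing the execute bit on startup scripts) can be previewed without changing anything. The following is an added example, not code from any poster in the thread; the function names are hypothetical and the sample inetd.conf and netstat text is constructed.

```shell
#!/bin/sh
# Added example: read-only audit helpers for a BSD-init desktop.

# Names of enabled (uncommented, non-blank) services in an inetd.conf-style file.
inetd_enabled() {
    awk '/^[ \t]*(#|$)/ { next } { print $1 }' "$1"
}

# Print the file with every enabled entry commented out; the original is untouched.
inetd_comment_all() {
    awk '/^[ \t]*(#|$)/ { print; next } { print "#" $0 }' "$1"
}

# From `netstat -ln` output on stdin: TCP/UDP listeners not bound to loopback.
exposed_listeners() {
    awk '$1 ~ /^(tcp|udp)6?$/ && $4 !~ /^(127\.|::1:)/ { print $1, $4 }'
}

# Startup scripts (rc.*) in a directory that still have an execute bit set.
enabled_rc_scripts() {
    for f in "$1"/rc.*; do
        [ -f "$f" ] && [ -x "$f" ] && echo "${f##*/}"
    done
    return 0
}

# Constructed sample data, not output from a real machine.
sample_inetd() {
    cat <<'EOF'
# comment line
time    stream  tcp  nowait  root  internal
#ftp    stream  tcp  nowait  root  /usr/sbin/tcpd  proftpd
auth    stream  tcp  wait    root  /usr/sbin/in.identd  in.identd
EOF
}
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:113             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
udp        0      0 0.0.0.0:37              0.0.0.0:*
EOF
}

tmp=$(mktemp) && sample_inetd > "$tmp"
inetd_enabled "$tmp"                  # services inetd would still start
inetd_comment_all "$tmp"              # preview of the fully disabled file
sample_netstat | exposed_listeners    # sockets reachable from other hosts
rm -f "$tmp"
```

On a live system, pipe the real `netstat -ln` output into `exposed_listeners` and compare `inetd_enabled /etc/inetd.conf` before and after editing, so a reboot is not the first test of the change.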