SERVICES Configuration File


The SERVICES file contains information on the known services available on the Internet.

When LISTNER starts, it reads the SERVICES file to resolve the services configured in the PORTCONF file, and checks that the service name and corresponding port are valid. Once the accuracy of the PORTCONF file content is verified against the SERVICES file, the LISTNER process listens to the configured ports, waiting for incoming connection requests from remote clients .

Additionally, the HOSTS file maintains the list of host IP addresses. It is likewise consulted for HOST address information.

RISK LISTNER resolves services configured in PORTCONF. If the services are not configured properly, programs such as FTP will not function.

RISK There may be more than one SERVICES and HOSTS file active to separate LISTNER processes. If more than one is used, it can become confusing, because it is sometimes difficult to determine which LISTNER is using which file.

Securing SERVICES/HOSTS Files

BP-FILE-SERVICES-01 SERVICES should be secured "NUUU".

BP-OPSYS-OWNER-03 SERVICES should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-03 SERVICES resides in $SYSTEM.ZTCPIP

BP-FILE-HOSTS-01 HOSTS should be secured "NUUU".

BP-OPSYS-OWNER-03 HOSTS should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-03 HOSTS resides in $SYSTEM.ZTCPIP

If available, use Safeguard software or a third party object security product to grant access to SERVICES only to users who require it in order to perform their jobs.

BP-SAFE-SERVICES-01 Add a Safeguard Protection Record to grant appropriate access to the SERVICES file.

BP-SAFE - HOSTS-01 Add a Safeguard Protection Record to grant appropriate access to the HOSTS file.

Discovery Questions

Look here:

FILE-POLICY

Who is allowed to modify the HOSTS and SERVICES file?

Policy

OPSYS-OWNER-03

Who owns the SERVICES object file?

Fileinfo

OPSYS-OWNER-03

Who owns the HOSTS object file?

Fileinfo

FILE-SERVICES-01 SAFE-SERVICES-01

Is the SERVICES file correctly secured with the Guardian or Safeguard system?

Fileinfo Safecom

FILE-HOSTS-01
SAFE-HOSTS-01

Is the HOSTS file correctly secured with the Guardian or Safeguard system?

Fileinfo Safecom




HP NonStop Server Security 2004
HP NonStop Server Security 2004
ISBN: 159059035X
EAN: N/A
Year: 2004
Pages: 157

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net