Step 6: Check Configuration for Unnecessary Services


Before returning the system to the network, double-check that there are no unnecessary services running. Until you get familiar with the process, the GUI can help you through the steps. Once you are more comfortable, the command line tool, chkconfig , is a more direct method for checking what is configured to start up at boot time. If you find that some service you have identified as unnecessary is running, return to step 4 and shut it down, then continue following the procedure.

Check Configuration: GUI

This step should be simple: if you are using Red Hat, restart the serviceconf GUI. If you are only viewing the service configurations under Red Hat, you will need root privileges, but not under SUSE. Check to make sure that there are no checks next to any of the services you intended to turn off. If there is a check next to a service that should not be running, repeat the procedure in step 4 to turn it off. If you have tried this a couple of times but it doesn t seem to keep the changes, make sure you are selecting File Save Changes as shown previously in Figure 2-6.

Check Configuration: Manual

In Red Hat Enterprise Linux AS 3.0, there is the command service which can be very helpful in determining whether a service is on or not. If you type service --status-all it returns a list of the state of all services it knows about. The easiest way to look for unwanted services is to type the following:

 service --status-all grep -v "stopped" 

You will get a list of the services that are on. If you see something running that should be off, return to step 4. This is a quick way to get through the service list without missing anything.

In SLES8, there is a similar method for checking to see which services are running. At the command line, type

 chkconfig grep -v "off" 

What is returned to you is a list of all the services that are running at the current runlevel.




Hardening Linux
Hardening Linux
ISBN: 0072254971
EAN: 2147483647
Year: 2004
Pages: 113

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net