System Daemons and Services


Windows servers run background processes, called services, that perform many functions. Unix systems have similar background processes, called daemons. Whatever you call them, these processes run in the background: they do not require interaction with the keyboard but instead execute on the computer, waiting to perform some function. They can introduce security problems when they are not needed.

You should become familiar with the background processes on any servers in your network and disable those that are not needed. For example, on Unix systems, there are many background daemons associated with the TCP/IP suite of protocols. Some systems might need all of these, whereas some might need just a few or none of them. Table 42.1 lists some of the daemons you might want to look at to determine whether they are needed. If not, disable them.

Table 42.1. TCP/IP Services That Might Not Be Needed on All Systems

Service Name    Description
------------    -----------
uucp            Unix-to-Unix copy
finger          Provides information about users
tftp            Trivial file transfer protocol
talk            Allows text communications between users on the network
bootp           Provides network information to clients
systat          Gives out current system information
netstat         Gives out current network information such as current connections
rusersd         Shows logged-on users
rexd            Remote execution utility


You might actually need some of these services, or they might only need to be configured properly to prevent their misuse. Read the documentation that comes with your Unix or Linux system to determine the capabilities that these daemons provide, and disable them on systems that do not need them.

For example, tftp (the trivial file transfer application) is a stripped-down version of FTP. It is compact and usually can be easily implemented in an EPROM. For this reason, it is useful in some devices that need to download operating software from a host. However, note that unlike FTP, tftp has no access control mechanisms: a username and password are not used. Because there is no authentication, tftp can be a real security problem unless it is configured so that it can be used only for its intended purpose.
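As an added example (not from the book), the shell function below reports which Table 42.1 services are still enabled, assuming they are started from a classic inetd-style configuration file such as /etc/inetd.conf. The function names, the bootps alias, and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Assumed inetd.conf layout (one service per line):
#   service  socket-type  protocol  wait-flag  user  server-path  [args]
# A line starting with '#' is a disabled entry.

# Names from Table 42.1. "bootps" is added on the assumption that the bootp
# server is registered under that name on the local system.
REVIEW_LIST="uucp finger tftp talk bootp bootps systat netstat rusersd rexd"

# audit_inetd FILE
# Prints "name<TAB>user<TAB>server-path" for every enabled entry on the list,
# so the reviewer also sees which account each daemon runs as.
audit_inetd() {
    awk -v list="$REVIEW_LIST" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
        /^[ \t]*#/ || NF < 6 { next }       # disabled or malformed line
        {
            name = $1
            sub(/\/.*/, "", name)           # RPC entries look like rusersd/2-3
            if (name in want) printf "%s\t%s\t%s\n", name, $5, $6
        }
    ' "$1"
}

# Constructed sample configuration, not taken from a real host.
write_sample() {
    cat > "$1" <<'EOF'
ftp     stream  tcp     nowait  root    /usr/sbin/in.ftpd       in.ftpd
#finger stream  tcp     nowait  nobody  /usr/sbin/in.fingerd    in.fingerd
tftp    dgram   udp     wait    root    /usr/sbin/in.tftpd      in.tftpd -s /tftpboot
talk    dgram   udp     wait    root    /usr/sbin/in.talkd      in.talkd
rusersd/2-3 dgram rpc/udp wait  root    /usr/sbin/rpc.rusersd   rpc.rusersd
EOF
}

# Audit the file named on the command line, or the sample if none is given.
if [ $# -gt 0 ]; then
    audit_inetd "$1"
else
    tmp=$(mktemp)
    write_sample "$tmp"
    audit_inetd "$tmp"
    rm -f "$tmp"
fi
```

Each line of output is a service to justify or comment out; the commented-out finger entry and the unlisted ftp entry are not reported.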

On Windows servers, you can use two programs that are provided with the Resource Kits to install or run almost any executable program or batch file as a service. These are INSTSRV.EXE, which can be used to install an executable, and SRVANY.EXE, which can be used to make other kinds of files into services. On a server that has several users logging in frequently, you might want to make it a regular part of your routine maintenance to review the services running on the machines and disable or remove those that were not installed by the initial operating-system installation or that did not come from products you have applied to the system.

To do this, you will need to keep an inventory of what runs on each server, but this kind of inventory information can be useful for other purposes, such as when you need to reinstall a server that has been destroyed by a catastrophic failure.




Upgrading and Repairing Networks (5th Edition)
ISBN: 078973530X
EAN: 2147483647
Year: 2006
Pages: 411
