| Unnecessary software provides an opportunity to be exploited. If a piece of software is not being used, it is likely that it will not be patched, so unused software is more likely to be vulnerable. Any software which was included with the installation bundles which is not needed should be removed. This includes manuals, examples, and software for hardware which the system does not have. Linux Red Hat uses the rpm command to remove, as well as to install, software. The granularity and the ease of selecting the software offered make it unlikely that you will have to install something you do not want to if care is taken when installing the software in the first place. The command used to remove software is: rpm -ev packages HP-UX 11i Uninstalling software from the base environment is somewhat tricky, given the dependencies defined. However, one can patiently start at the bottom of the dependency tree and prune his way up to remove many of the unnecessary filesets . Use swlist with the "-l product" and "-l fileset" options to determine what is on the system which needs to be removed. The following are suggestions on removing software after the initial install: -
The X windows system is not generally needed on servers. Its network model makes it a prime target of hackers to gather information and gain access. It can be removed with the following command: swremove -x "autoreboot=true" AudioSubsystem CDE DigitalVideo \ ImagingSubsystem VUEto CDE X11 Xserver Sup-Tool-Mgr.STM-UI-RUN -
NFS has a long history of security issues. All of the NFS filesets can be removed except for NFS-CORE NFS-KRN and NFS-SHLIBS. To remove them, run swremove interactively selecting NFS and unselecting these filesets. swremove -i NFS -
To remove the software programming environment, start swremove interactively with the following command, and then un-select ProgSupport.C-INC. This fileset is needed to rebuild the kernel. swremove -i CPS Perl5 ProgSupport SourceControl Judy-lib \ KernDevKit Networking.NET-PRG InternetSrvcs.INETSVCS-INC \ Networking.LAN-PRG -
Many of the serial data communication products have been exploited. They should be removed if not needed. swremove UUCP SystemComm TerminalMngr NonHP-Terminfo KeyShell \ Curses-Color -
Other user facilities can be removed if the server will not be supporting logged-in users. These facilities include e-mail, printing, text editors, and formatters. swremove MailUtilities swremove TechPrintServ PrinterMgmt DistributedPrint swremove TextEditors TextFormatters Spelling Removing user messaging and native language support will save space on the server. -
The international language support is dependent upon a number of message libraries which are loaded in a number of other products, so before the "International" product can be removed, all of the message libraries have to be removed with the following command: for i in `swlist -l fileset grep '\-MSG' awk '{print }'` do swremove $i done swremove International -
To remove all the man pages from the system, use the following command: for i in `swlist -l fileset grep '\-MAN' awk '{print }'` do swremove $i done |
