Lesson 12

Date: 4/12/2017
Basics of Linux Security
Linux System Administration


Closing ports

  • The open ports are related to the aplications/processes, which start either at the system startup or through inetd
    To disable an application at the startup, use update-rc.d for system V startup scripts such as in /etc/rc2.d directory. Note, on Ubuntu 14.04, System V and Upstart are both present. For example
    
    /usr/sbin/update-rc.d -f service_name remove
    

    For the Upstart applications,
    
    cd /etc/init
    initctl stop service_name
    mv service_name.conf service_name.disable
    initctl reload-configuration
    

    To disable a port in inetd, modify /etc/inetd.conf file, commenting out the services, for example:
    
    # shell           stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rshd
    # login           stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rlogind
    # exec            stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rexecd
    
    Then make inetd daemon to re-read the configuration file:
    
    killall -HUP inetd
    
    Ref: more info on how to disable services on Ubuntu is here

  • Vulnerable services:
    telnet, rsh, rcp, rexec, ftp, portmap, nfs, mountd, ypbind, ypserv.
    Disable them if your computer is on the open Internet. But if you need them, install a firewall and implement the tcp_wrappers.

  • Relatively secure services:
    Services protected with SSL libraries for encrypted connection such as SSH, LDAP, Apache; Kerberos.


  • Take me to the Course Website