Showing results for 
Search instead for 
Do you mean 

Locking down Tru64 4.0G

Occasional Advisor

Locking down Tru64 4.0G

Hello.-

I need to lock down a Digital UNIX V4.0G with TruCluster Software V1.6. Some questions about:

1. In order to lock down I need to determinate what are the services TruCluster needs to work, particulary "r" services. I guess rsh will be required, but I need to be sure.

2. What is the most right and practical tool for shutting down the SysV services (just like sendmail) avoiding modify by hand the rc symlinks. I'm wondering if chkconfig works here the same as in Linux.

3. I'm making a guide to locking down this machine (I can post it here when it be ready) by using all stuff I found around. May be had somebody already a recipe or better document?

4. I compiled OpenSSH for this machine and wand I included support for tcp-wrappers butinet likes not my idea and inet simply ignores this addition in inetd.conf:

ssh stream tcp nowait root /usr/sbin/tcpd sshd -i

sshd works fine when invoked from shell. Any clue?

I'm thinking in start up OpenSSH by using a SysV script. Have anybody something like this customized for tru64? If not I will port it from linux, but may be some considerations I ignore.

Thanks for your comments.
1 REPLY
Occasional Advisor

Re: Locking down Tru64 4.0G

Ok.

ssh invocation from inetd.conf didn't work because a ssh reference was missing in /etc/services. So issue 4 resolved.

Still working in lockdown...
//Add this to "OnDomLoad" event