Community
HPE 9000 and HPE e3000 Servers
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security Risk -- Services enabled on Unix Server

 
Highlighted
faiza
Occasional Contributor

‎10-22-2003 11:39 AM

‎10-22-2003 11:39 AM

Security Risk -- Services enabled on Unix Server

Hi,

After a security audit, following security risk items came up. Could somebody pls tell me what are these services for and how can I disable them if they not required?

TIA.
Faiza


Medium - CHARGEN UDP DOS / chargen
Medium - PCCS-mySQL problem / http/www/www-http
Low - Automounter Service Enabled / mountd
Low - CHARGEN service enabled / chargen
Low - Calendar Manager Service Enabled / cmsd
Low - Echo service enabled / echo
Low - HTTP (Web) service enabled / http/www/www-http
Low - Network Lock Manager Service Enabled / nlockmgr
Low - Portmapper Service Enabled / rpcbind
Low - Status Service Enabled / status
Low - Tooltalk Service Enabled / ttdbserverd


0 Kudos
Reply
1 REPLY 1
Highlighted
Michael Tully
Honored Contributor

‎10-22-2003 05:05 PM

‎10-22-2003 05:05 PM

Re: Security Risk -- Services enabled on Unix Server

Well some of them you have what they are. You can safely disable these.

chargen: echos complete character sets back to the connection
echo: echos characters back to the connection

Here's how:
# vi /etc/inetd.conf
Place a '#' at the front of each line.
Save the file, and get the inetd daemon to re-read it's config file.

# inetd -c

Here's a document that might explain a bit more.
http://www.cert.org/advisories/CA-1996-01.html
Anyone for a Mutiny ?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.