HPE 9000 and HPE e3000 Servers
1827438 Members
5185 Online
109965 Solutions
New Discussion

Security Risk -- Services enabled on Unix Server

 
faiza
Occasional Contributor

Security Risk -- Services enabled on Unix Server

Hi,

After a security audit, following security risk items came up. Could somebody pls tell me what are these services for and how can I disable them if they not required?

TIA.
Faiza


Medium - CHARGEN UDP DOS / chargen
Medium - PCCS-mySQL problem / http/www/www-http
Low - Automounter Service Enabled / mountd
Low - CHARGEN service enabled / chargen
Low - Calendar Manager Service Enabled / cmsd
Low - Echo service enabled / echo
Low - HTTP (Web) service enabled / http/www/www-http
Low - Network Lock Manager Service Enabled / nlockmgr
Low - Portmapper Service Enabled / rpcbind
Low - Status Service Enabled / status
Low - Tooltalk Service Enabled / ttdbserverd


1 REPLY 1
Michael Tully
Honored Contributor

Re: Security Risk -- Services enabled on Unix Server

Well some of them you have what they are. You can safely disable these.

chargen: echos complete character sets back to the connection
echo: echos characters back to the connection

Here's how:
# vi /etc/inetd.conf
Place a '#' at the front of each line.
Save the file, and get the inetd daemon to re-read it's config file.

# inetd -c

Here's a document that might explain a bit more.
http://www.cert.org/advisories/CA-1996-01.html
Anyone for a Mutiny ?