HPE Community
Operating System - HP-UX
1838458 Members
3101 Online
110126 Solutions
New Discussion

Bastille question

 
SOLVED
Go to solution
Stephen Milner
Occasional Advisor

‎09-20-2007 06:34 AM

‎09-20-2007 06:34 AM

Bastille question

Hi i have a system set-up (HP ux 11iv2 on Itanium) that we have hardened using the HP bastille tool.

I have used this to disable a number of services on the system. I can see that these services have now been hashed out of /etc/inetd.conf but i see the entries are still in /etc/services.

Do i need to manually comment these out as well or should the bastille tool have done this ?
0 Kudos
Reply
2 REPLIES 2
James R. Ferguson
Acclaimed Contributor

‎09-20-2007 06:42 AM

‎09-20-2007 06:42 AM

Solution

Re: Bastille question

Hi Stephen:

You don't need (nor really want) to do anything to '/etc/services'. The entities in '/etc/services' are simply mappings of numbers and names and the declartion of a service's protocol. The 'inetd' daemon (via its configuration file) is the controller of whether or not the daemons run.

Regards!

...JRF...
Reply
Stephen Milner
Occasional Advisor

‎09-20-2007 06:51 AM

‎09-20-2007 06:51 AM

Re: Bastille question

James

Thanks I was hoping that was the answer. We just had one of our security guys point out all the entries were still in /etc/services. But if they can't run if the entries in /etc/inetd.conf are disabled i don't have a problem.

Thanks for the quick response.

Cheers

Stephen
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.