Generally, the places to check for enabling/disabling a service are the /etc/inetd.conf file and the /etc/rc.config.d directory.
/etc/rc.config.d/namesvrs:
- first check /etc/nsswitch.conf and ensure the server does not require NIS for anything
- set all NIS_*SERVER and NIS_*CLIENT variables to 0 to disable NIS functions.
/etc/rc.config.d/nfsconf:
- set NFS_CLIENT, NFS_SERVER, AUTOMOUNT, START_MOUNTD and AUTOFS to 0 as appropriate to disable NFS-related services
/etc/rc.config.d/netconf:
- set GATED to 0 to disable dynamic routing daemon
- set RARP to 0 to disable rarpd daemon (booting services)
- set RDPD to 0 to disable rdpd
/etc/rc.config.d/netdaemons:
- set INETD_ARGS to "-l" to enable inetd logging
- set START_RBOOTD to 0 to disable rbootd
- set MROUTED to 0 to disable multicast routing
- set RWHOD to 0 to disable rwhod
To disable ftpd, telnetd, tftpd, bootps, finger, r* commands, ntalk, uucp, rexd, rstatd, rusersd, rwalld and sprayd, comment them out of /etc/inetd.conf.
To disable HTTP, you need to find out what HTTP server software you're using. If it's HP-packaged Apache, see /etc/rc.config.d/hpws_apacheconf. For any other kind of HTTP server, see the documentation of that server and/or the notes of the person who installed the server.
Bootp and DHCP are so closely related that usually one server program handles both of them. The network port that bootp/DHCP server uses is called "bootps"; in HP-UX, the bootp/DHCP server binary is called "bootpd".
To enable ftpd logging, add "-l" to ftpd command line in /etc/inetd.conf file.
To forward all syslog messages to centralized logging host, see "man syslogd".
After making these changes, you'll need to send a HUP signal to inetd and/or stop any running service daemons to make the changes effective immediately. A reboot might be recommended to ensure the new configuration is bootable, although it isn't strictly required.
MK
