HPE Community
Operating System - HP-UX
1832973 Members
2345 Online
110048 Solutions
New Discussion

Re: Securing the server

 
Ray Bell
Regular Advisor

‎07-12-2001 06:46 AM

‎07-12-2001 06:46 AM

Securing the server

I have a scripts that run on my server every 30 minutes to capature all port not in use. I have ran it for 7 days and now I want to disable the ports that are not being used. I'm not familiar with most of these ports and before I disable the ports, I wanted to know what they do. Is there some documentation I can read that talk about the ports in /etc/services on the HP server. I have over 75 ports listed that are not being used. Please help.... here's the attachment list...
0 Kudos
Reply
5 REPLIES 5
Wim Rombauts
Honored Contributor

‎07-12-2001 07:31 AM

‎07-12-2001 07:31 AM

Re: Securing the server

As far as I know, /etc/services is just a translation table and has nothing to do with security.
If you want to secure your server for network connections, you can do the following :
Edit /etc/inetd.conf and set a "#" before every service that you don't want to be active.
Edit /var/adm/inetd.sec to limit access to services that have to be activated to specific systems.
All other network ports are used by processes that run continuously and that you have to start explicitly. If you stop that process, no communication on that port will be possible anymore. Scan your processes and try to find suspicious processes that should be stopped.
And then, there are those ports that you see as used, but shouldn't be used because the user is only sneeking around ...
0 Kudos
Reply
Ray Bell
Regular Advisor

‎07-12-2001 07:40 AM

‎07-12-2001 07:40 AM

Re: Securing the server

I aggree somewhat but how can I scan the server to find out what port I can disable? Also if a port is disable in /etc/service then no matter daemon is running then the prot is not available so the user can get access to my system and this lock down an entry into my server.

0 Kudos
Reply
Chris Calabrese
Valued Contributor

‎07-12-2001 08:28 AM

‎07-12-2001 08:28 AM

Re: Securing the server

This is more complicated than you think. Have a look at http://www.sabernet.net/papers/hp-ux10.html
and http://people.hp.se/stevesk/bastion11.html
Brainbench MVP for Unix Administration and Internet Security, SANS Review Editor, and Center for Internet Security HP-UX Benchmark project leader
0 Kudos
Reply
MALKI
Occasional Advisor

‎07-13-2001 06:47 AM

‎07-13-2001 06:47 AM

Re: Securing the server

Sorry I can give any idea on this subject but could you do to me a little favour and give me the script that you have for checking the opens ports on the system.
Thinks
malki
0 Kudos
Reply
Chris Calabrese
Valued Contributor

‎07-13-2001 09:32 AM

‎07-13-2001 09:32 AM

Re: Securing the server

Get a copy of lsof from http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/lsof-4.55/ and then run 'lsof -i'. That will tell you everything about your network listeners.
Brainbench MVP for Unix Administration and Internet Security, SANS Review Editor, and Center for Internet Security HP-UX Benchmark project leader
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.