[lug] Interesting Crash Report

Brad Doctor bdoctor at ps-ax.com
Wed Mar 21 13:23:24 MST 2001


Two tools may be of interest to you:

gnorpm -- Graphical RPM manager, can add, remove, query, etc.

control-panel -- Graphical system config utility, including removing items from
startup.  Runlevel 3 is what you are interested in if your system boots to
the command prompt (and you then log in, and "startx"), runlevel 5 is what you
want if you boot directly to XDM / some other graphical X login screen.  I
would do both if you are not sure.  

The easiest thing is to restart your machine after you have disabled your
services, just to be sure -- control-panel will only remove them.

As an example, I only run the following on my workstation:

S10network (init.d/network)
S12syslog  (init.d/syslog)
S20random  (init.d/random)
S35identd  (init.d/identd)
S55sshd    (init.d/sshd)
S90crond   (init.d/crond)
S90xfs     (init.d/xfs)
S99snmpd   (init.d/snmpd)

If you are brave, don't run anything you are not familiar with.  Otherwise, 
be absolutely certain you know what each service does, and what it requires
to be secure when running (patches, configs, etc.).  As a general rule, don't
run anything you don't need.  Less system overhead, lower chance of
compromise.  A workstation needs very little to operate properly.  In my
list, the only *required* elements are network, xfs.  The rest are optional
in terms of system functionality. (yes, you can run without syslog)

Also, the required elements are basic to my needs -- not the system, if you
don't need an interface and networking :)

-brad


> 
> First, thank you Scott and D. Stimits for confirming my fears and also
> for the advice.  I failed all those tests, except lsof, which appears
> not to be on my machine; what/where is it?  I have re-installed 6.2,
> changed my password, killed rpc.statd (how do I disable it, please),
> and renamed nfslock.  I hope to be safe for another ten minutes or so.
> 
> I have studiously avoided security issues until now because I have
> plenty of other things to do with my time and I know that a good
> number of hours will be consumed by it.  I have trusted in a quick
> connect and disconnect policy for my security.  This has worked quite
> well really: I was caught when I started surfing a little.  However, I
> suppose the hour cometh, so I have more questions.
> 
> What I should like to do is have a two or three machine local network
> in the house connected to the outside world via the television cable;
> the latter for speed and to avoid preventing use of the telephone.
> The local network must accommodate MS NT etc. as well as Linux.  I
> assume that this is a very common setup.  Is that true?  Is it a
> sensible way to go?  Is there something better, and why is it better?
> Do I tie myself to AT&T, or can I use my present ISP, etc?
> 
> I should like to understand what I am doing, rather than simply follow
> a procedure.  Although, in truth, that is only because I know that I
> shall have to fiddle with it later.  So, a question is: where do I
> read about what to do?  What is the best starting point; HOWTOs, buy a
> book (which one), BLUG archives, or what?
> 
> I have read the term ipchains many times; are they part of a good
> technique?  What about tummy's isinglass?  I have heard that a router
> is a good security device; and I have heard that a router is a bad
> security device.  How secure is RedHat 7.1?
> 
> Yours in ignorance, but hopeful.
> dajo
> 
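
The runlevel check described in the reply above, as an added example that is not part of the original message: it compares the start links in a runlevel directory against the workstation list from the message and prints anything else. The `/etc/rc.d` layout, the function names and the sample tree are assumptions made for the example.

```shell
#!/bin/sh
# Added example: report services started in a runlevel that are not on an
# allowlist. ALLOWED is the workstation list from the message above; the
# /etc/rc.d layout is the Red Hat one and is an assumption elsewhere.
ALLOWED="network syslog random identd sshd crond xfs snmpd"

# unexpected_services RC_ROOT RUNLEVEL
# Prints, one per line, the name of every S??name start link in
# RC_ROOT/rcRUNLEVEL.d that is not listed in $ALLOWED. K?? links are ignored.
unexpected_services() {
    dir="$1/rc$2.d"
    [ -d "$dir" ] || return 0
    for link in "$dir"/S[0-9][0-9]*; do
        [ -e "$link" ] || continue       # no match, or a dangling link
        name=${link##*/}                 # drop the directory part
        name=${name#S[0-9][0-9]}         # drop "S" and the two-digit priority
        case " $ALLOWED " in
            *" $name "*) ;;              # on the allowlist
            *) echo "$name" ;;           # review, then disable if not needed
        esac
    done
}

# Constructed sample tree (not taken from a real system) so the script runs
# anywhere; nfslock and lpd stand in for services left enabled by an install.
demo() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/rc3.d" "$root/rc5.d"
    for s in S10network S12syslog S14nfslock S55sshd S60lpd K20identd; do
        : > "$root/rc3.d/$s"
    done
    for s in S10network S14nfslock S90xfs; do
        : > "$root/rc5.d/$s"
    done
    for rl in 3 5; do
        echo "runlevel $rl, not on the allowlist:"
        unexpected_services "$root" "$rl" | sed 's/^/  /'
    done
    rm -rf "$root"
}

demo
```

On a Red Hat system, `unexpected_services /etc/rc.d 3` and `unexpected_services /etc/rc.d 5` run the same check against the real links.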



