[techtalk] Tightening Security
Raven Alder
damask0 at yahoo.com
Wed Feb 21 08:25:05 EST 2001
Heya --
I accidentally killed the original message, but someone had made
the point that /etc/services just dictates what port a given service is
listening on, and that disabling that port binding hasn't a thing to do
with whether the service is running at the time. That's inetd.
Absolutely right.
The reason that I had heard cited for commenting out the line in
/etc/services as well as making sure the service wasn't being offered
in inetd.conf (or rc.inet2 or wherever) was to ensure that in case of a
partial system compromise, the hacker installing a new service would
have to take the additional step of editing /etc/services to get any
new program they install to have a port assignment, rather than the
well-known port already working for it.
I haven't ever actually had this happen personally, so I can't
comment on how effective it is. Anyone else tried it? Did it do any
good?
Cheers,
Raven
=====
"You down with entropy?
Yeah, you know me! (x3)
Who's down with entropy?
Every last homey!"
-- the Mighty Stephen Hawking, "Entropy"
http://www.mchawking.com
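
An added example, not part of the original message: a shell function that cross-checks the two files the post distinguishes, listing each service enabled in inetd.conf together with the port its name resolves to in the services file. The function name `audit_inetd` and both sample files are constructed for illustration, and only inetd-started services are covered (not daemons launched from rc scripts).

```shell
#!/bin/sh
# audit_inetd INETD_CONF SERVICES_FILE   (hypothetical helper name)
# Prints one line per enabled (uncommented) inetd entry:
#   <service> <proto> <port or UNMAPPED> <server program>
audit_inetd() {
    awk '
        # First file: services database. Map name/proto (and aliases) to port.
        FNR == NR {
            sub(/#.*/, "")                 # drop comments and disabled lines
            if (NF < 2) next
            split($2, pp, "/")             # "23/tcp" -> pp[1]=port, pp[2]=proto
            port[$1 "/" pp[2]] = pp[1]
            for (i = 3; i <= NF; i++) port[$i "/" pp[2]] = pp[1]
            next
        }
        # Second file: inetd.conf. A commented line is a service not offered.
        /^[ \t]*#/ || NF < 6 { next }
        {
            key = $1 "/" $3                # service name + protocol
            printf "%s %s %s %s\n", $1, $3, ((key in port) ? port[key] : "UNMAPPED"), $6
        }
    ' "$2" "$1"
}

# Constructed sample files, not taken from any real host.
tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/services" <<'EOF'
ftp      21/tcp
#telnet  23/tcp        # name-to-port mapping commented out
finger   79/tcp
pop3     110/tcp   pop-3
EOF
cat > "$tmp/inetd.conf" <<'EOF'
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
#finger stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd
pop-3   stream  tcp  nowait  root    /usr/sbin/tcpd  ipop3d
EOF
audit_inetd "$tmp/inetd.conf" "$tmp/services"
```

In the sample, finger stays mapped in the services file but is not listed because its inetd.conf line is commented out, while telnet is still enabled in inetd.conf and shows as UNMAPPED because its services line is commented out.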