[Techtalk] closing ports in /etc/services
Caitlyn Martin
caitlynmaire at earthlink.net
Thu Sep 18 08:07:03 EST 2003
On 18 Sep 2003 09:35:11 +0200
"R. Daneel Olivaw" <linuxchix at r-daneel.com> wrote:
> 2. This method is of no security value. Stick to service control (you
> are able to know which service runs, and which not) and firewalling
> (you decide which ports can be responded to, whitch not ...).
I agree with everything except this last part. There is security value
in that there is one more step that a cracker has to go through to
enable whatever. It also helps if an admin makes an honest but careless
error in that the service that should be disabled is not.
Commenting out lines in /etc/services does not replace a firewall by any
means, and I agree that the firewall and disabling and/or uninstalling
unneeded services are the primary means of defense. However, commenting
out lines in /etc/services DOES have value.
Regards,
Caity
(watching the weather deteriorate as the hurricane approaches)
More information about the Techtalk
mailing list