[Techtalk] closing ports in /etc/services
R. Daneel Olivaw
linuxchix at r-daneel.com
Fri Sep 19 03:00:07 EST 2003
Hello,
> > 2. This method is of no security value. Stick to service control (you
> > are able to know which service runs, and which not) and firewalling
> > (you decide which ports can be responded to, which not ...).
>
> I agree with everything except this last part. There is security value
> in that there is one more step that a cracker has to go through to
> enable whatever. It also helps if an admin makes an honest but careless
> error in that the service that should be disabled is not.
Well, I agree for the error case.
A cracker, however, will find no problem in adding an entry to
/etc/services.
> Commenting out lines in /etc/services does not replace a firewall by any
> means, and I agree that the firewall and disabling and/or uninstalling
> unneeded services are the primary means of defense. However, commenting
> out lines in /etc/services DOES have value.
Err, say, it is a way to tighten a bit more an already secured system.
> Regards,
> Caity
> (watching the weather deteriorate as the hurricane approaches)
(good luck with that hurricane ...)
bye,
--
R. Daneel Olivaw,
The Robot Inside.