Russell Hires wrote:
>
> I've got some questions...
> I guess this is to Derrick, but anyone else feel free to chime in...
>
> First, what were the services you disabled? The HOWTOs say time and
> discard and a few others are internal services. What do they do?
Disable EVERYTHING you're not using. If you don't know what it is,
you're probably not using it. ;)
That said, here's what `man inetd` says:
    Inetd provides several ``trivial'' services internally by use of routines
    within itself. These services are ``echo'', ``discard'', ``chargen''
    (character generator), ``daytime'' (human readable time), and ``time''
    (machine readable time, in the form of the number of seconds since
    midnight, January 1, 1900). All of these services are tcp based. For
    details of these services, consult the appropriate RFC from the Network
    Information Center.
>
> Second, what software did you use to scan the other machine that you
> pointed out that didn't have some of those services disabled?
nmap (www.insecure.org/nmap/) and nessus (www.nessus.org) are two
of the most popular scanning tools.
> Third, where do you keep the ipchains script? For me, it seems that Debian
> has got some default rules and thus a default script, but I don't exactly
> know where to find it...
Not exactly sure of the file name for Debian, but try
$ grep ipchains /etc/init.d/*
> well, I guess I don't need to know to edit it,
> because there is a utility called, aptly, "ipchains," so I should just be
> able to type (from the command line) "ipchains -A <chain>", at least
> according to the man page...
Yeah, but if you add the chains manually, they'll be gone after a
reboot.
-- 'If everyone climbs Mt. Everest because it's hard to do, why do they go up the easy side?' -- George Carlin
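
An added example, not part of the original message: a small audit of an inetd.conf-format file that lists every entry still enabled, flags the built-in ("internal") services named in the man page excerpt above, and produces a copy with those commented out. The sample configuration and the function names are constructed for illustration; point the functions at your real /etc/inetd.conf to use them.

```shell
#!/bin/sh
# inetd.conf fields: service socket-type protocol wait/nowait user server-program [args]
# Built-in services use the literal word "internal" as the server-program (field 6).

# write_sample_conf FILE: constructed sample input, not taken from any real host
write_sample_conf() {
    cat > "$1" <<'EOF'
# constructed sample inetd.conf
#echo    stream tcp nowait root internal
discard  stream tcp nowait root internal
daytime  stream tcp nowait root internal
time     stream tcp nowait root internal
ftp      stream tcp nowait root /usr/sbin/tcpd in.ftpd
#telnet  stream tcp nowait root /usr/sbin/tcpd in.telnetd
EOF
}

# audit_inetd FILE: print "service/proto<TAB>kind" for every enabled entry
audit_inetd() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }   # commented-out (disabled) or blank
        NF >= 6 {
            kind = ($6 == "internal") ? "internal" : "external:" $6
            printf "%s/%s\t%s\n", $1, $3, kind
        }
    ' "$1"
}

# count_internal FILE: number of built-in services still enabled
count_internal() {
    audit_inetd "$1" | awk -F'\t' '$2 == "internal"' | wc -l | tr -d ' '
}

# disable_internal FILE: write to stdout a copy with built-in services commented out
disable_internal() {
    awk '
        !/^[ \t]*#/ && NF >= 6 && $6 == "internal" { print "#" $0; next }
        { print }
    ' "$1"
}

# Demo run against the constructed sample
conf=$(mktemp)
write_sample_conf "$conf"
audit_inetd "$conf"
echo "enabled internal services: $(count_internal "$conf")"
rm -f "$conf"
```

After installing an edited file, inetd has to re-read its configuration (traditionally on SIGHUP) before the change takes effect.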