
To view only the ones that are "on":
# chkconfig --list | grep "\bon\b" | less
The first column is the service name, and the remaining columns are the various runlevels. We generally need
only worry about runlevels 3 (boot to text console login) and 5 (boot straight to X11 login). xinetd services
won't have runlevel columns, since that aspect is controlled by xinetd itself.
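The grep above matches a service that is "on" in any runlevel. As an added example (not part of the original HOWTO), the shell function below keeps only services that are on in runlevel 3 or 5, plus xinetd entries that are on. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: filter `chkconfig --list` output down to what matters
# for runlevels 3 and 5. Function names here are hypothetical.

# Reads chkconfig --list output on stdin.
# Prints "name<TAB>3", "name<TAB>5" or "name<TAB>3,5" for init services,
# and "name<TAB>xinetd" for xinetd-managed services that are on.
enabled_in_3_or_5() {
    awk '
        # xinetd entries have no runlevel columns: "telnet:  on"
        $1 ~ /:$/ && NF == 2 {
            name = $1
            sub(/:$/, "", name)
            if ($2 == "on") print name "\txinetd"
            next
        }
        # init-script entries: name followed by seven N:on / N:off columns
        NF >= 8 {
            levels = ""
            for (i = 2; i <= NF; i++) {
                if ($i == "3:on" || $i == "5:on")
                    levels = levels (levels == "" ? "" : ",") substr($i, 1, 1)
            }
            if (levels != "") print $1 "\t" levels
        }
    '
}

# Constructed sample in the layout chkconfig --list prints.
# nfs is on only in runlevel 2, so the plain grep would show it
# but this filter does not.
sample_chkconfig_list() {
    cat <<'EOF'
portmapper      0:off   1:off   2:off   3:on    4:on    5:on    6:off
nfs             0:off   1:off   2:on    3:off   4:off   5:off   6:off
xinetd based services:
        telnet: on
        rlogin: off
EOF
}

# On a real system: chkconfig --list | enabled_in_3_or_5
sample_chkconfig_list | enabled_in_3_or_5
```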
Examples of commands to turn services "off":
# chkconfig portmapper off
# chkconfig nfs off
# chkconfig telnet off
# chkconfig rlogin off
Note that the last two are xinetd services. A very easy and nifty tool to use! Red Hat also includes ntsysv and
tksysv (GUI) for runlevel and service configuration. See the man pages for additional command line options.
Another option here is to uninstall a package if you know you do not need it. This is a pretty sure-fire,
permanent fix. This also alleviates the potential problem of keeping all installed packages updated and
current (Step 2). RPM makes it very easy to re-install a package should you change your mind.
To uninstall packages with RPM:
# rpm -ev telnet-server rsh rsh-server
The above command would uninstall the "telnet server" package (but not telnet client!), "rsh" client and "rsh
server" packages in one command. Red Hat also includes gnorpm, a GUI RPM management utility which can
do this as well.
3.3.2. Inetd
Inetd is called a "super-daemon" because it is used to spawn sub-daemons. inetd itself will generally be
started via init scripts, and will "listen" on the various ports as determined by which services are enabled in its
configuration file, /etc/inetd.conf. Any service listed here will be under the control of inetd.
Likewise, any of the listening servers in netstat output that list "inetd" in the last column under "Program
Name", will have been started by inetd. You will have to adjust the inetd configuration to stop these
services. xinetd is an enhanced inetd replacement, and is configured differently (see next section below).
Below is a partial snippet from a typical inetd.conf. Any service with a "#" at the beginning of the line is
"commented out", and thus ignored by inetd, and consequently disabled.
#
# inetd.conf This file describes the services that will be available
# through the INETD TCP/IP super server. To re-configure
Security Quick-Start HOWTO for Red Hat Linux