Hello all
In the interests of securing my stand-alone RH7.2 workstation, using only a dial-up to get mail, news, and web access, I have shut down several services, and wish to invite those who care to to comment on the wisdom from a security perspective of having shut these services down (and singlespeed if you're reading this, this step is to suffice until I get the book :)).

Services stopped: [amd, chargen, chargen-udp, daytime, daytime-udp, echo, echo-udp, imap, imaps, innd, ipop2, kdcrotate, linuxconf-web, mysqld, netfs, network, nscd, ntpd, pop3S, portmap, rhnsd, sendmail, snmpd, squid, time].

Services retained: [anacron, apmd, atd, autofs, crond, gpm, ipchains, ipop3, iptables, junkbuster, keytable, kudzu, linuxconf, lpd, named, random, rawdevices, sgi_fam, syslog, time-udp, wine, xinetd].

If a service is not on either of these two lists then I must conclude that it wasn't installed, because these lists are drawn from 'serviceconf' @ root.
I was unsure about disabling the mysqld, because I will be wanting to use that in the not-too-distant future, but understood that to be a server that might allow remote calls to be made to it on specific ports at which it listens (did I get that right?). It was that that made me decide to switch it off.

Anyway, I'd appreciate any comments on this service choice from a security perspective. As for iptables and ipchains, and configuring Bastille, etc., well, one step at a time: there are only so many hours in a day that I can read for !!! :D
Thanks

i may be mistaken but i don't know if you will want xinetd or named running. At least for the needs you describe. But i don't know for certain.

As an alternative have you tried setting up Guarddog to keep these things under control?

Hi JohnT and Sarah31
Thanx for your comments. To be honest Sarah31, I am not 100% sure about the named and the xinetd services. I suspected that I do need them (that's why I left them on) because the named would be to assist in resolving ip addresses to DNS host names (at least as I have understood/misunderstood the docs), and the xinetd seems to be a pretty crucial process that supports and spawns other processes for the Net. Altho' I will do some more reading on that service now that you mention it, just to make sure 'cos I could have gotten the whole thing mixed up :rolleyes:
JohnT, I have never heard of "Guarddog" - can you tell me more, and how might it compare to say Bastille?

Guarddog........http://www.simonzone.com/software/guarddog/

JohnT: thanks that's cool. Will check it out :)
Sarah31: I did some more reading and I reckon that the xinetd is probably superfluous for my system requirements, so I did disable it. Thanks :). Still not sure about the named service tho'. Thoughts?

Hey JohnT, that Guard dog program looks really cool, but what's up with the download section of that site. I click on my distro and it opens a real/audio plugin and just sits there. Can't seem to download the RPM I need. Is there maybe another place I could d/l guard dog for RedHat? I tried RPM find but that just comes up with Mandrake?

I gotta have Guarddog.. Iptables is spooky..
:D