Improve Linux security

Tuesday, 8 October 2002, 2:37 PM EST

One of the attractions of Linux is its native support for a wide range of TCP/IP services, many of which are configured to run by default. Those default services, however, can expose your Linux networked workstation to external intruders.

If your workstation is connected to a TCP/IP network with active network services, you're exposing your system to all other clients on the network. If the telnet server application is active, a telnet client running on another workstation on the network can easily establish a login session on your system; it needs only the address of your system and the port or socket number of a network service running on your system. And like other commonly used TCP/IP applications, telnet has a standard defined port number, 23, which is also the address of the running telnet server application. So any telnet client running on any remote workstation on the network can establish a login session to your workstation over port 23.

To reduce your workstation's vulnerability to such an attack, users should first find out what networked services are running, determine which ones can be retained with minimum security risk, and stop the rest of those services. There are three places to look for active network services on your workstation: the /etc/inetd.conf file, the /etc/xinetd.conf file, and the /etc/rc.d directories.

[ Read more ]


For all your Linux security information needs, visit the Linux outside articles section of HNS.


MagSpoof: A device that spoofs credit cards, disables chip-and-PIN protection

The device can wirelessly spoof credit cards/magstripes, disable chip-and-PIN protection, and predict the credit card number and expiration date of Amex cards after they have reported stolen or lost.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Nov 26th