Re: [suse-security] Services (not) needed/secure?/ How to disable?

["David M. Fetter" <david.fetter@xxxxxxxxxxxxxxxxxxxx>]

Markus wrote:
> Hi,
>
> the following services are running on my machine:
> 111/tcp          => portmap (user: bin)
> 111/udp         => portmap (user: bin)

If you're not using nfs or nis, then you should disable portmap.  It is 
highly insecure.  You can run `rpcinfo -p $hostname` against your system 
to see what additional services it is providing.

> 113/tcp          => in.identd (user: nobody)

This is also not too secure and you should disable it.  It is mainly 
used for irc servers to grab information about you, so if you don't go 
to irc then it's unnecessary.  If you do frequent irc servers then I 
recommend you replace identd with fakeidentd 
(http://hangout.de/fakeidentd/).  I have done this and it works pretty well.

> 515/tcp          => lpd (user: root+)

Do you have the need to spool your print jobs locally or can you just 
send them off to your printer?  For that matter, do you even have a 
printer?  If you're not using it then disable it as it does have 
vulnerabilities every so often.  Otherwise, if you need it then you 
could set it up so it listens only to localhost and not to external 
requests.

> 6000/tcp        => X (user: root)

I believe someone already said something about appending "-nolisten tcp" 
to the Xserver startup.

--
David M. Fetter - http://www.fetterconsulting.com/

"The world is full of power and energy and a person can go far by just 
skimming off a tiny bit of it." Neal Stephenson - Snow Crash


--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here