First page Back Continue Last page Summary Graphics
Patching the System (cont.)
Set up inetd.conf. Comment out or remove all unnecessary services then restart inetd. If you find that everything is commented out, disable inetd in the startup scripts.
I generally run only ssh, no telnet or ftp. If possible, eliminate both as they send username and password in cleartext, which can be sniffed.
Change the login banners to remove all of the OS info.
Disable all unnecessary services in the startup scripts in /etc/rc.d/rc*.d. (Such as portmap, nfs, etc.)
Check your message logging in /etc/syslog.conf
Remove unnecessary suid and sgid bits from files.
Notes: