Want to harden the security on your server? The first thing you should do is shut down any public services that you don't need.
To see the ports on which you are accepting connections (sshd, http, ftp, etc.), run "netstat -l" (-l for ports that are listening).
You should be interested in both what ports are open and on what addresses your server is listening. For example, listening on the localhost address is usually pretty harmless, but you'd want to make sure that anything listening on a public (or *) IP address is supposed to be publicly accessible.
If you see a port number that you don't recognise, run "lsof | grep theportnumber".
This will tell you the process listening on this port.
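As an added example (not part of the original page), the shell function below reads "netstat -ltn" output and lists only the listeners reachable from beyond localhost: those bound to a specific non-loopback address or to every interface. The function names and the sample netstat output are constructed for illustration; -t and -n limit the listing to TCP with numeric addresses.

```shell
#!/bin/sh
# Added example: list TCP listeners that are NOT bound to loopback.
# Feed it numeric netstat output:  netstat -ltn | public_listeners

public_listeners() {
    awk '
    $1 ~ /^tcp/ && $6 == "LISTEN" {
        local_addr = $4
        # Split "addr:port" at the LAST colon so IPv6 forms like :::22 work.
        n = match(local_addr, /:[0-9]+$/)
        if (n == 0) next
        addr = substr(local_addr, 1, n - 1)
        port = substr(local_addr, n + 1)
        # Loopback binds are reachable only from the host itself.
        if (addr ~ /^127\./ || addr == "::1") next
        # 0.0.0.0, :: and * all mean "every interface".
        if (addr == "0.0.0.0" || addr == "::" || addr == "*")
            addr = "all-interfaces"
        print port, addr
    }' | sort -u | sort -n
}

# Constructed sample of `netstat -ltn` output (not from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:21           0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
EOF
}

# Demo run on the constructed sample: one "port address" pair per line.
sample_netstat | public_listeners
```

Each line of output is a port you should be able to account for as intentionally public; the loopback-only listeners (25, 3306 and 631 in the sample) are filtered out.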
The xinetd daemon controls a number of services (like FTP, pop3, et al.). If you don't want them running, either a) shut down xinetd or b) configure that service by editing the appropriate file in /etc/xinetd.d/ and setting "disable = yes".
Tip: To quickly find enabled services, run: grep -i disable /etc/xinetd.d/* | grep -i no
Want to perform a security scan on your server?
Download and install nmap from Insecure.org, e.g. rpm -Uvh "http://nmap.org/dist/nmap-4.76-1.i386.rpm"
Then run it against your server: "nmap yourservername.com". It will scan the most commonly used port numbers on your server and alert you to open ports. Like this:
Port    State  Service
21/tcp  open   ftp
22/tcp  open   ssh
25/tcp  open   smtp
80/tcp  open   http