Red Hat & Solaris port security

Gibson, Brian GibsonB at GRUNTAL.COM
Wed May 10 09:35:45 EDT 2000 

Many applications reference the services file to determine what port to run
on.  Depending on the app it may not start properly without a defined port
in the services directory.  Perhaps a better idea would be to change the
port numbers on those ports to a certain range that you would monitor and if
those ports became active you would be notified of someone being unfriendly
on your box.  I am not sure what he plans to kill -HUP.  If you are getting
that paranoid I would assume that your inetd.conf file was long ago
configured without those services running.

> -----Original Message-----
> From: Truman Boyes [mailto:truman at RESEARCH.SUSPICIOUS.ORG]
> Sent: Tuesday, May 09, 2000 3:39 PM
> To: VPN at SECURITYFOCUS.COM
> Subject: Re: Red Hat & Solaris port security
>
>
> On Mon, 8 May 2000, Jose Muniz wrote:
> > Then you can also if you are a bit more paranoid, which you
> should be then
> > you comment
> > the port to services lines on /etc/services.
> >
> > And then you kill -HUP the process.
> > Jose Muniz.
>
> Hi,
> 	
> 	I do not see how editing the ports on /etc/services
> adds any more
> security to your machine. It is just a table of services to
> ports... At
> the most, commenting those lines out would just prevent you from
> accidentally referencing those service names in your firewall
> configs. Is there something I am not getting about that file,
> that would
> have an effect on security ?
>
> .truman.boyes.
> --------------
> www.suspicious.org
>
> VPN is sponsored by SecurityFocus.COM
>


***********************************************************************
Gruntal & Co., L.L.C.'s e-mail system is for business purposes only.
Messages are not confidential.  All e-mail may be reviewed by
authorized supervisors, compliance or internal audit personnel.
E-mail will be archived for at least three years and may be produced
to regulatory agencies or others with a legal right to access such
information.  Gruntal will not accept trade order instructions via
e-mail.  Please telephone your Account Executive to place trade orders.

Gruntal & Co., L.L.C.
***********************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/vpn/attachments/20000510/05f8709d/attachment.htm

More information about the VPN mailing list