Firewall Wizards mailing list archives
Re: Securing a Linux Firewall
From: Kevin Steves <kevin () atomicgears com>
Date: Fri, 26 Jul 2002 17:50:38 -0700
On Tue, Jul 23, 2002 at 11:37:38AM -0400, Marc DVer wrote:
I have a computer set up for the exclusive use as a gateway/firewall running IPChains. I would like to know if I can safely shut down the rpc.statd service. According to the man page, " It is used by the NFS file locking service, rpc.lockd, to implement lock recovery when the NFS server machine crashes and reboots." Since I am not using NFS (or at least I believe I am not; the firewall is the only *nix computer on the network, and isn't used for file sharing) can I safely turn this off? I have read that turning off unneeded services is needed to secure a linux box, which is doubly a concern with a firewall.
My basic methodology for constructing a bastion host is outlined in: http://people.hp.se/stevesk/bastion11.html Yes, the example is on HP-UX 11, but the general approach is applicable to many Unix environments. I have used the strategy on Redhat Linux for example. I prefer Unix operating environments that easily permit a "minimal" or "secure by default" install. Then the user can add the software and packages that they require. The strip down approach is flawed, but in many cases there is no other choice. -- Kevin Steves | kevin () atomicgears com Atomic Gears LLC | http://www.atomicgears.com/ _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Securing a Linux Firewall, (continued)
- Re: Securing a Linux Firewall Brian Hatch (Jul 23)
- Re: Securing a Linux Firewall R. DuFresne (Jul 23)
- Re: Securing a Linux Firewall Frederick M Avolio (Jul 23)
- Re: Securing a Linux Firewall Carson Gaspar (Jul 23)
- Re: Securing a Linux Firewall Paul Robertson (Jul 23)
- Re: Securing a Linux Firewall Mordechai T. Abzug (Jul 23)
- Re: Securing a Linux Firewall Frank Knobbe (Jul 23)
- Re: Securing a Linux Firewall Ng Pheng Siong (Jul 24)
- Re: Securing a Linux Firewall Carson Gaspar (Jul 23)
- Re: Securing a Linux Firewall Brian Hatch (Jul 23)
- Re: Securing a Linux Firewall Frederick M Avolio (Jul 23)
- RE: Securing a Linux Firewall Carson Gaspar (Jul 23)
- RE: Securing a Linux Firewall Paul Robertson (Jul 23)
- Re: Securing a Linux Firewall Brian Hatch (Jul 23)
- Re: Securing a Linux Firewall John McDermott (Jul 23)
- Re: Securing a Linux Firewall Marcus J. Ranum (Jul 23)
- Re: Securing a Linux Firewall Marcus J. Ranum (Jul 23)