Hi,
I'm wondering how to harden my true64 systems. Is there a FAQ or checklist
that is specific to Tru64 unix? One area that especially concerns me is
the number of services that are running from a default install. I don't
want the systems running anything but SSH and the services they are
hosting (web,dns etc). A netstat -a on a recently installed 5.1 box shows
up all the ports mentioned below.
* Why does AdvFS need a tcp socket?
* I'm not running X - can dtspc be turned off?
* What about kdebug?
* Do I really need the config management server running?
* I haven't configured EVM - can it be turned off?
Most of these are started up as standalone servers from rc3.d. Is there a
list of what each of these do and if they are really required?
Thanks in advance,
Paul
-------------------------------------------------------------------------------
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp 0 0 *.596 *.* LISTEN
tcp 0 0 *.316 *.* LISTEN
tcp 0 0 *.evm *.* LISTEN
tcp 0 0 *.printer *.* LISTEN
tcp 0 0 *.1026 *.* LISTEN
tcp 0 0 *.dtspc *.* LISTEN
tcp 0 0 *.cfgmgr *.* LISTEN
tcp 0 0 *.kdebug *.* LISTEN
tcp 0 0 *.AdvFS *.* LISTEN
tcp 0 0 *.587 *.* LISTEN
tcp 0 0 localhost.1025 *.* LISTEN
tcp 0 0 localhost.1024 *.* LISTEN
tcp 0 0 *.2049 *.* LISTEN
tcp 0 0 *.995 *.* LISTEN
tcp 0 0 *.111 *.* LISTEN
Received on Wed Mar 07 2001 - 16:51:33 NZDT