Most all services firewalled
|
| Author | Content |
|---|---|
| sbergman27 Dec 25, 2004 10:51 AM EDT |
This article repeats the common statement that RedHat (and it's generic relatives) have too many services running by default. While I would concede that these services use some system resources (which the kernel is pretty good at reallocating to other purposes if they are not actually being used), and increase boot time, everything but sshd is firewalled if you do any of the default installs. Granted, a local user could possibly exploit one of the services. And if a cracker does get in through sshd, he might be able to exploit a service to escalate his privileges. But the implication that these services could be exploited remotely is as incorrect as ever. |
| PaulFerris Dec 27, 2004 6:09 AM EDT |
One of the things going in Linux's favor at the moment is that stuff like this makes exploiting it wildly difficult. Granted, it also makes deploying network services a bit more painful. If you have to deply a network service, you should have taken all of the time needed to understand _all_ of the implications -- not just some lame dialog box that says "enable this service for me". Opening a firewall port or two to make it happen is par for the course. We're within weeks of a total Windows network service melt-down, I believe. It's unfortunate, but highly likely. And Longhorn is still nowhere in sight. |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!