[Gllug] Core Services

Nix nix at esperi.org.uk
Wed Aug 20 23:16:18 UTC 2008


On 19 Aug 2008, Stephen Nelson-Smith spake thusly:

> Redhat ships with a vast number of services switched on, out of the
> box, even with a very basic install:

Most of these don't open network ports: a lot don't communicate with
anything, and some aren't even daemons. The latter two classes basically
cannot be security threats no matter what, and the former class are only
local threats at best, I'd say. (e.g. if anyone can think of a way to
make mdadm --monitor into a security hole I'd be *fascinated* to hear
it, since all it does is keep an eye on md devices which can only be
manipulated by root anyway!)

Not network services (considering netlink sockets as `not networking' for
this application): 

> auditd         	0:off	1:off	2:on	3:on	4:on	5:on	6:off
> haldaemon      	0:off	1:off	2:off	3:on	4:on	5:on	6:off
> libvirtd (I think)  	0:off	1:off	2:off	3:on	4:on	5:on	6:off
> mdmonitor      	0:off	1:off	2:on	3:on	4:on	5:on	6:off
> messagebus     	0:off	1:off	2:off	3:on	4:on	5:on	6:off

Don't communicate with anything:

> acpid          	0:off	1:off	2:off	3:on	4:on	5:on	6:off
> anacron        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
> atd            	0:off	1:off	2:off	3:on	4:on	5:on	6:off
> crond          	0:off	1:off	2:on	3:on	4:on	5:on	6:off
> hidd           	0:off	1:off	2:on	3:on	4:on	5:on	6:off
> irqbalance     	0:off	1:off	2:on	3:on	4:on	5:on	6:off
> pcscd          	0:off	1:off	2:on	3:on	4:on	5:on	6:off
> smartd         	0:off	1:off	2:on	3:on	4:on	5:on	6:off

Not daemons:

> iptables       	0:off	1:off	2:on	3:on	4:on	5:on	6:off
> lvm2-monitor   	0:off	1:on	2:on	3:on	4:on	5:on	6:off
> network        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
> readahead_early	0:off	1:off	2:on	3:on	4:on	5:on	6:off
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
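
The check the reply above reasons about, as an added example that is not part of the original message: cross-reference services enabled in a runlevel against TCP/UDP listeners to see which ones actually open network ports. The sample inputs are constructed, the `PROCESS_NAME` mapping and all function names are assumptions, and netlink and Unix-domain sockets are ignored, as in the post.

```python
import re

# Constructed sample in the `chkconfig --list` format quoted in the message.
# sshd and cups are added for contrast and are not from the post.
CHKCONFIG = """\
auditd     0:off 1:off 2:on  3:on 4:on 5:on 6:off
mdmonitor  0:off 1:off 2:on  3:on 4:on 5:on 6:off
haldaemon  0:off 1:off 2:off 3:on 4:on 5:on 6:off
sshd       0:off 1:off 2:on  3:on 4:on 5:on 6:off
cups       0:off 1:off 2:on  3:on 4:on 5:on 6:off
"""
# Constructed `netstat -tulnp` lines (the PID/program column needs root).
NETSTAT = """\
tcp  0  0 0.0.0.0:22     0.0.0.0:*  LISTEN  2101/sshd
tcp  0  0 127.0.0.1:631  0.0.0.0:*  LISTEN  2200/cupsd
"""
# Assumption: init script names that differ from the process they start.
PROCESS_NAME = {"mdmonitor": "mdadm", "haldaemon": "hald", "cups": "cupsd"}

def enabled(chkconfig_text, runlevel=3):
    """Names of services marked 'on' for the given runlevel."""
    return [f[0] for f in (l.split() for l in chkconfig_text.splitlines())
            if f"{runlevel}:on" in f[1:]]

def listeners(netstat_text):
    """Map program name -> set of local addresses it is bound to."""
    found = {}
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith(("tcp", "udp")):
            continue
        # UDP rows have no state column, so locate the PID/program field by shape.
        prog = next((x.split("/", 1)[1] for x in f if re.match(r"\d+/", x)), None)
        if prog:
            found.setdefault(prog, set()).add(f[3].rsplit(":", 1)[0])
    return found

def classify(chkconfig_text, netstat_text, runlevel=3):
    """Label each enabled service by the widest scope of its listeners."""
    socks, result = listeners(netstat_text), {}
    for svc in enabled(chkconfig_text, runlevel):
        addrs = socks.get(PROCESS_NAME.get(svc, svc), set())
        if not addrs:
            result[svc] = "no listening socket"
        elif all(a == "::1" or a.startswith("127.") for a in addrs):
            result[svc] = "loopback only"
        else:
            result[svc] = "network-reachable"
    return result

if __name__ == "__main__":
    for name, scope in classify(CHKCONFIG, NETSTAT).items():
        print(f"{name:12} {scope}")
```
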