1 Figure 6-5: Turning Off Unnecessary Services Unnecessary Services  Operating system vendors used to install many services by default  This made them.

Slides:

Advertisements

Similar presentations

Introduction to Linux Linux startup process Unix Shells and scripts.

Advertisements

Some history PDP versions BSD/Version 7 split VAX virtual memory implementations End of line 4.4 BSD System V merges Modern versions OSF/1, Solaris, HPUX.

Chapter 9: Understanding System Initialization The Complete Guide To Linux System Administration.

Booting and Shutting Down the UNIX Operating System Arcadio A. Sincero Jr. 6/6/2001 CMSC 691X, Section 6080.

NODEMANAGER WEBLOGIC SERVER. 1.Creating logical machines 2.Using nodemanager for server startup and shutdown GETTING STARTED.

MCTS GUIDE TO MICROSOFT WINDOWS 7 Chapter 10 Performance Tuning.

Host Hardening (March 21, 2011) © Abdou Illia – Spring 2011.

Host Hardening (March 30, 2015) © Abdou Illia – Spring 2015 Series of actions to be taken in order to make it hard for an attacker to successfully attack.

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

System Hardening Borrowed from the CLICS group. System Hardening How do we respond to problems? (e.g. operating system deadlock) Detect Detect (Detect.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 11: Monitoring Server Performance.

System Startup and Shutdown

MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 14 Server and Network Monitoring.

Apache : Installation, Configuration, Basic Security Presented by, Sandeep K Thopucherela, ECE Department.

Engineering H192 - Computer Programming The Ohio State University Gateway Engineering Education Coalition Lect 16AP. 1Winter Quarter UNIX Process Management.

Linux Operations and Administration

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.

1 Chapter Overview Monitoring Server Performance Monitoring Shared Resources Microsoft Windows 2000 Auditing.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

Booting and boot levels

Hands-On Microsoft Windows Server 2008

Using Windows Firewall and Windows Defender

MCTS Guide to Microsoft Windows 7

System Startup & Shutdown Objectives –to interpret the Unix startup and shutdown configuration files –to be able to create a customised run level Contents.

Linux Security Anthony Albrecht – Services & Accounts

CIS250 OPERATING SYSTEMS WIN2k Lab # 3 Creating User Accounts Defining User Profiles Creating Groups Setting System Policies.

1 Linux Basics for Networking. 2 Module - Linux Basics for Networking ♦ Overview This module focuses on the basics of networking using Redhat Enterprise.

Basic Service & Settings pmli. Basic Service e.g. http, ftp, etc.

1 Host Hardening Chapter 6 Copyright 2003 Prentice-Hall.

2/19/2003 Lecture 3 Computer System Administration Lecture 3 Setup (continued)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 11: Monitoring Server Performance.

ITI-481: Unix Administration Meeting 3. Today’s Agenda Hands-on exercises with booting and software installation. Account Management Basic Network Configuration.

Database-Driven Web Sites, Second Edition1 Chapter 5 WEB SERVERS.

Linux Services Muhammad Amer. 2 xinetd Programs  In computer networking, xinetd, the eXtended InterNET Daemon, is an open-source super-server daemon.

Host Hardening Chapter 6 Panko, Corporate Computer and Network Security Copyright 2005 Prentice-Hall.

FTP for Windows How to get ftp to work in Windows -Navigate to control panel -> programs and features -On the left side click on Turn Windows features.

Threading Servlets Can handle multiple clients concurrently Shared resources must be synchronized or create a servlet that handles one request at a time.

Managing processes and services. 1. How Linux handles processes 2. Managing running processes 3. Scheduling processes.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 11: Monitoring Server Performance.

Nezer J. Zaidenberg.  Advanced programming for the unix environment (chapters about processes)

Agenda  Working with Processes: Purpose Running Programs within same process (execl, execlp, execle, execv, execvp, execve) “Spawning” other process (fork,

Chapter 3 & 6 Root Status and users File Ownership Every file has a owner and group –These give read,write, and execute priv’s to the owner, group, and.

Chapter 3 Operating Systems © 2007 Pearson Addison-Wesley. All rights reserved.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Backdoors and Rootkits.

© 2004 EMC Corporation. All rights reserved. 111 nsr_shutdown Changes in NetWorker 7.3 nsr_shutdown’s Redesign for Scalability Bryce Tompkins

Vulnerability Scanning Vulnerability scanners are automated tools that scan hosts and networks for known vulnerabilities and weaknesses Credentialed vs.

APST Internals Sathish Vadhiyar. apstd daemon should be started on the local resource Opens a port to listen for apst client requests Runs on the host.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

1 Software. 2 What is software ► Software is the term that we use for all the programs and data on a computer system. ► Two types of software ► Program.

Chapter 8 File System Security. File Protection Schemes Login passwords Encryption File Access Privileges.

Chapter 8 File System Security. File Protection Schemes Password-Based Protection Encryption-Based Protection Protection-Based on Access Permission.

Linux Operations and Administration

Integrity Check As You Well Know, It Is A Violation Of Academic Integrity To Fake The Results On Any.

PTA Linux Series Copyright Professional Training Academy, CSIS, University of Limerick, 2006 © Workshop VI Scheduling & Process Management Professional.

Day 15 Apache. Being a web server Once your system is correctly connected to the network, you could be a web server. –When you go to a web site such as.

C Copyright © 2006, Oracle. All rights reserved. Oracle Secure Backup Additional Installation Topics.

Chap-I Network and System Configuration in Linux

Chapter 11 – Processes and Services

Linux Start Sequence Summary

Services & Settings.

CONFIGURING HARDWARE DEVICE & START UP PROCESS

Protecting Your Maps and Data when using ArcGIS Server

UNIX Services and Daemons

Figure 6-9: Managing Users and Groups

OPS235: Week 1 Installing Linux (Lab1: Investigations 4 - )

Configuration Of A Pull Network.

Lab 6: Process Management

Chapter 8, pp 171 – pp 200 Web Security, by Lincoln D. Stein

Presentation transcript:

1 Figure 6-5: Turning Off Unnecessary Services Unnecessary Services  Operating system vendors used to install many services by default  This made them easier to use. When use changes, services do not have to be turned on.  Attackers have found flaws in many of these rare services

2 Figure 6-5: Turning Off Unnecessary Services Unnecessary Services  Vendors now install fewer services by default—lock down mode  Turn to security baseline to see what services to turn on and off  Easier to install too few and add than to install too many and remove unwanted services

3 Figure 6-5: Turning Off Unnecessary Services Turning Off Services In Windows  Go to the Computer Management MMC  On the tree, select Services and Applications (Figure 6-6) Status tells whether the service is active Startup tells how the service is started (automatic, manual, disabled, etc.)  Right click on a service or select and choose Action to stop a service, start it, disable it, etc.

4 Figure 6-6: Services and Applications in Windows

5 Figure 6-5: Turning Off Unnecessary Services Turning Off Services In UNIX  Three ways to start services inetd to start services when requests come in from users (Figure 6-7) rc scripts to start services automatically at book up (Figure 6-8) Start a service manually by typing its name or executing a batch file that does so

6 Figure 6-7: UNIX inetd Daemon for Responding to Client Requests Program A Program B Program C Program D inetd Port 23 Program A Port 80 Program B Port 123 Program C Port 1510 Program D 1. Client Request To Port Start and Process This Request 3. Program B 2. Port 80 inetd.config

7 Figure 6-8 The UNIX rc.d Method of Automatically Starting Services /etc/rc.d 1. Script for Service A 2. Script for Service B 3. Script for Service F 4. Script for Service H rc0.d [scripts to run during System Mode 0-shutdown] K2... [Run the Kill portion of Script 2: Kills Service B] K3... [Run the Kill portion of Script 3: Kills Service F]... rc.d directory Scripts for services. Contain scripts to start or kill services. Directory rc0.d. Subdirectory of rc.d. Contains scripts to run start or kill portions of scripts in rc.d directory. These scripts are executed if run mode 0 occurs—system shutdown

8 Figure 6-8 The UNIX rc.d Method of Automatically Starting Services rc1.d rc2.d rc3.d rc4.d rc5.d rc6.d [scripts to run during System Mode 6-startup] S1... [Run the Start portion of Script 1: Starts Service A] S2... [Run the Start portion of Script 2: Starts Service B]... rcs.d [scripts to run during System Mode s—single-user mode] Other subdirectories of rc.d for scripts to execute in different run modes, such as run mode 6—startup

9 Figure 6-5: Turning Off Unnecessary Services Turning Off Services In UNIX  Identifying services that are running at any moment ps (processor status), usually with –aux parameters, lists running programs  Shows process name and process ID (PID) netstat tells what services are running on what ports

10 Figure 6-5: Turning Off Unnecessary Services Turning Off Services In UNIX  kill PID to kill a particular process  kill 47 (If PID=47) Add parameters –SIGTERM, -SIGHUP, -SIGKILL in order of increasing urgency  kill 47 –SIGTERM (PID = 47) Only kills for now. Must search inetd.config, rc scripts, batch files to see where it is being started automatically. Difficult to do.