Linux Servers: Shutting The Doors On Intrusion
When a Linux system provides Internet-based services such as web browsing, email transmission, and file transfers, it relies on Linux servers to monitor and respond to incoming TCP/IP (Transmission Control Protocol/Internet Protocol) network requests. Servers such as your web and email servers, which start as soon as you boot your OS and keep running for as long as the OS is active, are called stand-alone Linux servers. You may also have other Linux servers which can be configured either to run under the Linux server xinetd or to run as stand-alone servers. For example, vsftpd, the Linux server in charge of the File Transfer Protocol (FTP), can work either as a stand-alone server or under xinetd.
It's important to understand how to protect each Linux server from security threats, because one of the most common ways for intruders to access your Linux system is through its Internet services. Such intrusions can, in fact, happen even over a LAN, whether or not it has an Internet connection, because each Internet service, like email or file transfer, requires a Linux server program that responds to client requests arriving over the IP network. Some Linux servers, unfortunately, have flaws which may allow hackers to log in to your system; Linux, however, does offer features which let you work around these flaws to secure your Internet services.
Outsiders can use port scanners to try to connect to your system's ports; if they get a response, they can determine which of your Internet Linux servers are active. Once they know which Linux servers are running, it is not hard for them to exploit the known weaknesses in those servers. Learning how to shut down your Linux servers when they are not needed will give you one more weapon in your security arsenal. One way to take control of some Linux servers is to use the chkconfig command with the name of the specific server.
To shut down the file transfer server, for instance, simply type chkconfig vsftpd off when you are not sending or receiving files, and type chkconfig vsftpd on when you are ready to resume file transfers.
If you want to control all your stand-alone Internet Linux servers, including those which automatically start when you boot your system, you'll have to get into the xinetd Linux server which supervises them. When you start your system, the xinetd Linux server reads the /etc/xinetd.conf file, which in turn looks at the files stored in the /etc/xinetd.d directory. Those files are the ones which tell xinetd which Linux servers to start. Linux lets you both list the files in the directory and turn off the Linux servers which you are not using. After turning off any of the Linux servers controlled by xinetd, however, you have to restart the xinetd server itself for the changes to take effect.
To see a list of Linux servers in the xinetd directory, type ls /etc/xinetd.d. To shut down any of the xinetd-controlled Linux servers, type chkconfig filename off; simply take the filename from the xinetd directory. Once you have shut down as many of the servers as you need to, you can restart the xinetd server by typing /etc/init.d/xinetd restart. Xinetd will read the new configuration when it restarts, and you will have shut down the Linux servers which may have been available to intruders.
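To confirm which xinetd-controlled servers are still switched on after the steps above, the following added example (not from the original article) reads the files in the xinetd directory and lists every service that is not marked disable = yes. It assumes one service block per file and does not look at settings in /etc/xinetd.conf itself; the function names and the sample service files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit /etc/xinetd.d for services xinetd would still start.
# xinetd starts a service unless its file sets "disable = yes", so a missing
# or commented-out "disable" line counts as enabled.
# Assumption: one service block per file.

# xinetd_enabled [DIR] -> prints the file name of each enabled service
xinetd_enabled() {
    dir=${1:-/etc/xinetd.d}
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # Strip comments, then keep the value of the last "disable = ..." line.
        state=$(sed -e 's/#.*//' "$f" |
            awk -F= '$1 ~ /^[ \t]*disable[ \t]*$/ { gsub(/[ \t]/, "", $2); v = $2 }
                     END { print v }')
        [ "$state" = "yes" ] || basename "$f"
    done
}

# make_sample_dir -> writes constructed sample files, prints the directory
make_sample_dir() {
    d=$(mktemp -d)
    # enabled explicitly
    printf 'service ftp\n{\n\tdisable = no\n\tserver = /usr/sbin/vsftpd\n}\n' > "$d/vsftpd"
    # switched off, as "chkconfig telnet off" would leave it
    printf 'service telnet\n{\n\tdisable = yes\n}\n' > "$d/telnet"
    # "disable" is only a comment here, so the service is still enabled
    printf 'service echo\n{\n\t# disable = yes\n\ttype = INTERNAL\n}\n' > "$d/echo-stream"
    echo "$d"
}

# Audit the directory given as the first argument (default: /etc/xinetd.d).
xinetd_enabled "${1:-/etc/xinetd.d}"
```

Every name it prints is a candidate for chkconfig filename off, followed by a restart of xinetd.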
