Why should I secure services ?
When your server is not running any unnecessary daemon, and all those running up2date, it will divert the hacker out from your system. To the hacker, it is saying “nothing of intrest here buddy!, no extra daemons to hack, and those daemons that are there, are all updated. Better luck elsewhere”
redhat & fedora
Note:
I would suggest that you move/delete all those unneeded startup scripts from /etc/init.d and move them to some other location like /home/somewhere/init.d_moved/ with a chmod to 000 and if necessary link the original to /dev/null from /etc/rc?.d/
ntsysv
By default installation, services like anacron. autofs, echo, isdn, keytable, kudzu, lpd, telnet etc are running, which are safe to be disabled in the web server. The more daemon you run, the more likely of an exploit and your server being a target.
NEVER disable network and ssh or else, you will not be able to login to the server.
Please run/enable only which is necessary and needed.
If you have a backup or personal system, just enable a minimum of cron, network, SSH, syslog and random.
——————————————————————————–
debian:
the startup scripts are controlled via /etc/rc?.d/
the main scripts are at /etc/init.d/
——————————————————————————–
freebsd
on BSD systems, services that start at boot time is controlled by /etc/rc.conf. This configuration file overrides the defaults in /etc/defaults/rc.conf. Many of these services may already be disabled, so first check the defaults file /etc/defaults/rc.conf , then use commands in the override file /etc/rc.conf to disable services that you don’t need.
Code:
cp /etc/defaults/rc.conf /etc/defaults/rc.conf.backup cp /etc/rc.conf /etc/rc.conf.backup
now, edit the file as per your requirements
