Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
SuSE uses the Redhat chkconfig utility to control what services are on or off.
To see what services you have on:
chkconfig --list | grep on
To turn a service off:
chkconfig servicename off
where servicename is the name of a service listed in the chkconfig output
portmap = sunrpc
cups = ipp
postfix = smtp
After a reboot, the changes in chkconfig will be applied. If you don't want to reboot, you can shut the various services off manually, like:
You won't be able to shut off X11 unless you don't have X windows running or if you use the -- nolisten-tcp option. Easiest way is to just firewall X. If you're already behind a firewall then that's not ideal, but still reasonably safe.
Hope that helps.
Last edited by Capt_Caveman; 01-19-2004 at 03:28 PM.
I just started using SuSE and it took me a while to figure where to put the -nolisten tcp option. It seems everyone knows what the command was but couldn't tell me the correct place to put it.
Well if your running KDE - /etc/opt/kde3/share/config/kdm/ copy the Xservers file to Xservers.back then vi on the Xservers file and edit the following line.
:0 local /usr/X11R6/bin/X vt7
change it to look like the line below.
:0 local /usr/X11R6/bin/X vt7 -nolisten tcp
Now when you restart it will be gone.
As for Gnome I'm not sure if it's the same maybe somebody (or you) will post back what it is for Gnome. (I don't currently have it loaded.)
I do have to say I'm very dissapointed that there's no SUSE forums anywhere ... well the only one I could find was in german. I hope that Novell/Suse brings back the forum that now seems dead.
I think that the future of Novell 7.0 on the backend and Suse on the desktop could provide some very good setups for school systems that are looking to save money and are already a Novell shop. IMHO.
PS. Just FYI. Redhat didn't create chkconfig (and man I was pissed when the arguments I learned in redhat didn't work in SuSE ie. using the --levels options (which is nice).) It was created for IRIX and then later redone via RedHat and given additional arguments etc. However the chkconfig works in SuSE ... just not EXACTLY the same as redhats version.
Last edited by cycl3fr3ak; 01-20-2004 at 07:45 AM.
bootpc is your linux box's bootp client. It does network discovery stuff like grab its IP address and locate DNS server info. If you're using some kind of bootp or other dynamic IP assignment protocol, it should be on. If you have a static IP then you won't need it, but usually this is determined during your initial networking setup. Again if you're concerned about abuse, you can firewall it and only allow communication with your dhcp/bootp server.
Last edited by Capt_Caveman; 01-20-2004 at 08:34 AM.
32768+ nice Capt_Caveman - I see why you're a moderator. Isn't a bit annoying what it takes to hold off these idiots that insist on *haking* (sic) All at once I get tired of it, but I still will never give up the good fight!