Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
i edited my services file and commented these two services out for the time being. Is this OK to do?
No, it isn't. The services file is just a mapping and should be left untouched unless you add service/port mappings.
If these services are run, make sure you need then, and they correspond with the daemon that is sposed to run that service.
If you don't need to run these services, make sure they don't get started in /etc/rc.d/rc(runlevel).d if standalone, or in Xinetd. Uninstalling them would be the best solution. If you need to run these services, but only accessable to some IP addresses or ranges, place the right restricitions in their own configs (and check your SNMP community strings setup), and Xinetd (where applicable), and the firewall, and TCP Wrappers. If you do, you'll be reasonably safe as there isn't a single point of failure then.
I would recommend simply disabling them at first. If that works without a hitch, then you can consider removing them.
All you have to do to stop them and have them not startup again is go to Server Setting ==> Services
Here you can stop, start, and determine if you want the service to startup at boot. Normally, you'll start with RunLevel 5 displayed. You would also want to disable these services in the lower levels.
To actually answer your question though...
rpm -qa | grep snmp ==> will show all of the RPMs that have snmp in them.
rpm -qa net-snmp.......... ==> will give details on that package
rpm -e net-snmp ==> will delete the package
man rpm ==> will give all this info and more
Sometimes, you'll try "rpm -e" and it will give an error indicating that other packages are dependent on the one you are trying to delete. At this point, with the help of "rpm -qi", you have to decide if you wish to decide the packages that are dependent too.
IF you do, you can list the original package you want to delete as well as the package that is dependent on it when you do the "rpm -e" a second time.
e.g. rpm -e net-snmp 2nd_Package
However, I'd still recommend holding off until you've run the system a while without using these packages.
you must have installed some routing stuff that you didnt need. rip is a routing
protocol (Routing Information Protcol) and snmp = Simple Network Management Protocol.....you probably dont need a RIP router...it is used
for advertising routes that you know about and recieving routes from other
routers (it updates the routing table). You probably really dont need this. You
did a "install everything" huh?