13.5. IP Service Administration

Unix has evolved into a system that can support many IP services. This characteristic is excellent from a functionality perspective, but not so good for security. Service-rich systems are easier to exploit because the chances of finding a vulnerability are greater. For example, someone wanting to attack your Unix system might find that you have done a good job of locking down HTTP, FTP, and SMTP services but that you have missed a Finger exploit.

In the next few sections, we'll look at the IP services available on most flavors of Unix and discuss how you can disable the services you do not need.

13.5.1. IP Services

A large number of IP services are available for Unix. The specific flavor of Unix that you are ...

Get Mastering™ Network Security, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.