183 lines
2.9 KiB
HTML
183 lines
2.9 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>The /etc/services file</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.60"><LINK
|
|
REL="HOME"
|
|
TITLE="Securing and Optimizing Linux"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="General System Security"
|
|
HREF="gen-syssecured.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="The /etc/host.conf file"
|
|
HREF="chap5sec39.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="The /etc/securetty file"
|
|
HREF="chap5sec41.html"></HEAD
|
|
><BODY
|
|
CLASS="section"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Securing and Optimizing Linux: RedHat Edition -A Hands on Guide</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="chap5sec39.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 5. General System Security</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="chap5sec41.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="section"
|
|
><H1
|
|
CLASS="section"
|
|
><A
|
|
NAME="AEN3491"
|
|
>5.11. The /etc/services file</A
|
|
></H1
|
|
><P
|
|
> The port numbers on which certain <EM
|
|
>standard</EM
|
|
> services are offered are defined in the RFC 1700 <EM
|
|
>Assigned Numbers</EM
|
|
>. The <TT
|
|
CLASS="filename"
|
|
>/etc/services</TT
|
|
> file enables server and client programs to convert service names to these
|
|
numbers -<TT
|
|
CLASS="literal"
|
|
>ports</TT
|
|
>. The list is kept on each host and it is stored in the file <TT
|
|
CLASS="filename"
|
|
>/etc/services</TT
|
|
>. Only the "root" user is allowed to make modification in this file and it is rare to edit the <TT
|
|
CLASS="filename"
|
|
>/etc/services</TT
|
|
>
|
|
file to make change since it already contains the more common service names to port numbers. To improve security, we can immunize this file to prevent unauthorized deletion or addition of services.
|
|
To immunize the <TT
|
|
CLASS="filename"
|
|
>/etc/services</TT
|
|
> file, use the command:
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="screen"
|
|
> [root@deep] /#<B
|
|
CLASS="command"
|
|
>chattr</B
|
|
> +i /etc/services
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
>
|
|
</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="chap5sec39.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="chap5sec41.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>The <TT
|
|
CLASS="filename"
|
|
>/etc/host.conf</TT
|
|
> file</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="gen-syssecured.html"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>The <TT
|
|
CLASS="filename"
|
|
>/etc/securetty</TT
|
|
> file</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |