Pick a Free OS

Securing Linux: Part 2

bash# scp /path/to/local/file my.machine.com:/path/to/remote/directory

SSH can also be used to encrypt your POP and IMAP sessions. It works as
follows: SSH encapsulates the IMAP and POP protocols in a process called
tunnelling, which prevents any transfer of clear-text passwords over the
network. Implementing such a solution isn't much of an overhead if you
begin thinking like the cracker next door.

Disabling unnecessary services

The Linux installation I worked with was a SuSE box with a custom
installation. But this will vary from installation to installation. Most
users prefer a generic mode of installation, such as the server or desktop
installation. These default installation procedures install and start
various services that you may never require on your network. It is
therefore necessary to look at the processes running on the system and to
disable the services that you will never use.

One command that will let you sieve through the various services and

processes running in your memory space is the "ps" command.

bash# ps aux | less

The following is the output of the above command on my machine. It is a

list of the various processes that were running on the machine at the time

this memory snapshot was taken.

USER   PID %CPU %MEM  VSZ  RSS TTY STAT START TIME COMMAND
root   160  0.0  0.3 1644  148 ?   S    09:01 0:00 /usr/sbin/nmbd -D
root   162  0.0  3.6 3292 1680 ?   S    09:01 0:00 /usr/sbin/smbd -D
root   166  0.0  0.9 3312  432 ?   S    09:01 0:00 /usr/sbin/squid -sYD
squid  167  0.0  4.6 5928 2144 ?   S    09:01 0:01 (squid) -sYD
squid  168  0.0  1.0 1280  492 ?   S    09:01 0:00 (dnsserver)
squid  169  0.0  1.0 1280  492 ?   S    09:01 0:00 (dnsserver)
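The same review can be scripted so that it is repeatable. The following is an added example, not code from the original article: it reads "ps aux" output and reports every daemon started from an sbin directory that is not on an allowlist. The ALLOWED list, the function names and the sample rows after the first two are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag daemons in `ps aux` output that are not expected.
# ALLOWED is an assumption: the services this host is meant to run.
ALLOWED="${ALLOWED:-sshd syslogd cron}"

# Reads `ps aux` output on stdin and prints "user pid name" for every
# process whose executable lives under an sbin directory and whose
# basename is not listed in $ALLOWED.
# Limitation: children that rewrite their argv, shown in parentheses
# such as (squid), are not matched; their parent daemon is.
unexpected_daemons() {
    awk -v allowed="$ALLOWED" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        NR == 1 && $1 == "USER" { next }      # skip the header row
        {
            cmd = $11                          # COMMAND is column 11
            if (cmd !~ /\/sbin\//) next        # only daemons in */sbin/
            name = cmd
            sub(/.*\//, "", name)              # basename of executable
            if (!(name in ok)) print $1, $2, name
        }'
}

# Constructed sample input. The first two rows repeat the listing
# above; the remaining rows are invented for this example.
sample_ps() {
    cat <<'EOF'
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 160 0.0 0.3 1644 148 ? S 09:01 0:00 /usr/sbin/nmbd -D
root 162 0.0 3.6 3292 1680 ? S 09:01 0:00 /usr/sbin/smbd -D
root 201 0.0 0.5 2100 300 ? S 09:01 0:00 /usr/sbin/sshd
root 210 0.0 0.2 1500 200 ? S 09:01 0:00 /usr/sbin/cron
user 300 0.0 0.4 2000 500 tty1 S 09:05 0:00 -bash
EOF
}

# Demonstration on the sample; on a live host run:
#   ps aux | unexpected_daemons
sample_ps | unexpected_daemons
```

Anything it prints is a candidate for the review described here: either add the service to the allowlist deliberately or disable it.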

The first two processes in the ps output are related to the SAMBA server on
the Linux box. /usr/sbin/nmbd is the NetBIOS over IP naming service for
Windows machines and /usr/sbin/smbd is the SMB server for both Windows and
UNIX machines. The last three services are related to the SQUID caching
proxy server on the machine. Thus, by going through the processes in your
memory space, you get an idea of the services that are running on your
machine. If there are services that have been started by default and you
have no use of those