S 5.16 Survey of network services

Initiation responsibility: IT Security Management, Administrators

Implementation responsibility: Administrators

Before starting the security check of individual network services and processes under Unix, a survey should first be made of the services required and those which may already have been installed. For the latter, it is useful to generate a list of all network processes by means of the ps command and relevant options. Then information should be obtained on the function of each one of these processes and on where a process is started with which options. Often this is done in the/etc/rc, /etc/rc.net, /etc/rc.local files which are read during system bootup.

Of particular importance is the inetd daemon since it can initiate all processes listed in the /etc/inetd.conf file. Configuration files such as/etc/services, /etc/protocols, /etc/hosts, /etc/gated.conf, and others, must also be checked.