Boot Startup

From SysadminWiki

One of the best ways to enhance security is to minimize the number of programs you are running on your system. On unix systems many programs are started at boot time by default. Do you know all of them and what are they for and why are you running them?

Startup scripts are included in /etc/init.d directory. The fact that a script is there doesn't mean that is enabled in any run level. Grid machines run normally at level 3 which is multi-user with nfs enabled, you desktop machines run at level 5 since they are multi-user machines running X11 servers. When a machine is hacked you can switch, for inspection, to run level 1 which is single user mode with all the services disabled. For more information about run levels: man inittab.

If you use a RedHat based system you can check what you have enabled and in what run level with chkconfig

/sbin/chkconfig --list

Most of the programs will be disabled on all levels and most of the enabled ones will be enabled on run level 3,4,5, some also on level 2.

For grid sites here is an example list of processes you can safely disable when you install grid nodes. In Manchester this is done directly in the post-install part of the RHEL3 Kickstart (http://www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/sysadmin-guide).

/sbin/chkconfig telnet off
/sbin/chkconfig finger off
/sbin/chkconfig lpd off
/sbin/chkconfig kudzu off
/sbin/chkconfig cups off
/sbin/chkconfig sendmail off
/sbin/chkconfig canna off
/sbin/chkconfig FreeWnn off