Patching the System (cont.)

  • Set up inetd.conf. Comment out or remove all unnecessary services then restart inetd.
  • My inetd.conf only has telnet and ftp. (The firewall does not.)
  • Change the login banners to remove all of the OS info.
  • Disable all unnecessary services in the startup scripts in /etc/rc.d/rc*.d.
  • Check your message logging in /etc/syslog.conf
  • Remove unnecessary suid and sgid bits from files.