To keep your Linux servers and desktops as secure as possible, you should check for (and remove) legacy communication services. Jack Wallen shows you how.
Linux is a very secure operating system, but it’s not perfect. No operating system is. In fact, any platform that’s connected to a network is, in many ways, vulnerable. Like all other operating systems, there are a number of steps you can take to help mitigate those insecurities.
One thing you can do with Linux is remove the legacy communications services that can be installed by default, even though they are never used. Services like xinet, nis, tftp, tftpd-hpa, telnet, and rsh are not only unnecessary, they can pose security risks to your system. What do you do? You delete them.
SEE: Linux file and directory management commands (TechRepublic Premium)
By removing these systems, your Linux platform won’t miss out on anything. The only hiccup you might experience is if you have legacy applications installed that depend on one or more of these services. However, if you are using such legacy software, you should seriously consider finding a replacement.
To remove these legacy services on a Debian-based system, issue the command:
sudo apt-get --purge remove xinetd nis tftpd tftpd-hpa telnetd rsh-server rsh-redone-server
To remove those same services on a Red Hat-based system, the command would be:
sudo dnf erase xinetd ypserv tftp-server telnet-server rsh-server
If you find your Linux distribution of choice doesn’t include those services then congratulations, you’ve been a bit more secure all along. I’ve found many modern distributions do not ship with these services installed, but if you happen to either be running an older distribution or one that does ship with those services, you should remove them immediately. Even if you don’t find them installed, it’s always good to make sure to keep those Linux machines running securely.
Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.