IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Communications Remarks
____________________________________________________________________ .........................................
S 5.16 Survey of network services
Initiation responsibility: IT Security Management, Administrators
Implementation responsibility: Administrators
Before starting the security check of individual network services and
processes under UNIX, a survey should first be made of the services required
and those which may already have been installed. For the latter, it is useful to
generate a list of all network processes by means of the ps command and
relevant options. Then information should be obtained on the function of each
one of these processes and on where a process is started with which options.
Often this is done in the /etc/rc, /etc/rc.net, /etc/rc.local files which are read
during system bootup.
Of particular importance is the inetd daemon since it can initiate all processes
listed in the /etc/inetd.conf file. Configuration files such as /etc/services,
/etc/protocols, /etc/hosts, /etc/gated.conf, and others, must also be checked.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000