全部博文(263)
分类: LINUX
2008-05-20 15:45:10
Your Debian / Ubuntu Linux box security depends upon access to system services (one of many aspects). For example, you may need to provide a web server (Apache service) to serve web pages. However, if you do not need use a service, you should always turn off all unused services to avoid exploits.
Traditionally, Debian provided various tools to manage services.
There are various methods for managing access to system services:
a) /etc/init.d/service
b) rcconf
c) update-rc.d etc
Under Red hat and Centos Linux you can use (ntsysv command) to configure Sys V style init script links. There is also service command to stop / start / restart services.
So if you are addicted to the service command under RHEL / CentOS /
Mandriva Linux and have wondered what to do in Debian / Ubuntu, Linux
try sysvconfig package.
Debian and Ubuntu Linux also offers service command. It can be used to execute System V style init script stored at /etc/init.d/service-name { start|stop|restart|action }. This is good if you grown up with Red hat. This tool is equivalent to (rcconf and others).
First, install sysvconfig package:
$ sudo apt-get install sysvconfig
To start / restart / stop service, use the following syntax:
$ sudo service {service-name} restart <-- Restart service
$ sudo service {service-name} stop <-- Stop service
$ sudo service {service-name} start <-- Start service
For example to stop apache service, enter:
$ sudo service apache stop
This is a text-based application that allows you to configure which services are started at boot time for each runlevel. It is simple interface for configuring runlevels. sysvconfig is just like ntsysv under Red hat Linux. It has dialog based interactive, menus to help automate setting up Sys V style init script links:
To start Sys V editor, enter:
$ sudo sysvconfig &
(Fig 01: sysvconfig in action - startup screen with menus)
You can enable or disable any system services:
(Fig 02: sysvconfig in action - Enable or Disable system services)
Please note that when you configure a new service using these tools, you may need to reconfigure firewall as well to open required ports.
