Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Help required in disabling commands.
Top Forums UNIX for Dummies Questions & Answers Help required in disabling commands. Post 302530747 by pinga123 on Wednesday 15th of June 2011 01:54:06 AM
Old 06-15-2011
Help required in disabling commands.
I want to disable following commands in my linux distribution (Thanks to Linux hardening guide)

Code:
# which rcp
/usr/kerberos/bin/rcp
# which rlogin
/usr/kerberos/bin/rlogin
# which rsh
/usr/kerberos/bin/rsh

When checked they were all part of krb5-workstation-1.6.1-25.el5 rpm.
Code:
# rpm -qf `which rcp`
krb5-workstation-1.6.1-25.el5
# rpm -qf `which rlogin`
krb5-workstation-1.6.1-25.el5
# rpm -qf `which rsh`
krb5-workstation-1.6.1-25.el5

As krb5-workstation-1.6.1-25.el5 has more than 100's of command associated with it,It wouldn't be a possible to remove the package itself.

Code:
# rpm -qlp krb5-workstation-1.6.1-31.el5_3.3.i386.rpm
warning: krb5-workstation-1.6.1-31.el5_3.3.i386.rpm: Header V3 DSA signature: NO
KEY, key ID 1e5e0159
/etc/pam.d/ekshell
/etc/pam.d/gssftp
/etc/pam.d/kshell
/etc/profile.d/krb5-workstation.csh
/etc/profile.d/krb5-workstation.sh
/etc/rc.d/init.d/krb524
/etc/sysconfig/krb524
/etc/xinetd.d/eklogin
/etc/xinetd.d/ekrb5-telnet
/etc/xinetd.d/gssftp
/etc/xinetd.d/klogin
/etc/xinetd.d/krb5-telnet
/etc/xinetd.d/kshell
/usr/kerberos
/usr/kerberos/bin
/usr/kerberos/bin/ftp
/usr/kerberos/bin/gss-client
/usr/kerberos/bin/kdestroy
/usr/kerberos/bin/kinit
/usr/kerberos/bin/klist
/usr/kerberos/bin/kpasswd
/usr/kerberos/bin/krb524init
/usr/kerberos/bin/krlogin
/usr/kerberos/bin/krsh
/usr/kerberos/bin/ksu
/usr/kerberos/bin/kvno
/usr/kerberos/bin/rcp
/usr/kerberos/bin/rlogin
/usr/kerberos/bin/rsh
/usr/kerberos/bin/sim_client
/usr/kerberos/bin/telnet
/usr/kerberos/bin/uuclient
/usr/kerberos/bin/v4rcp
/usr/kerberos/man
/usr/kerberos/man/man1
/usr/kerberos/man/man1/ftp.1.gz
/usr/kerberos/man/man1/kdestroy.1.gz
/usr/kerberos/man/man1/kinit.1.gz
/usr/kerberos/man/man1/klist.1.gz
/usr/kerberos/man/man1/kpasswd.1.gz
/usr/kerberos/man/man1/krb5-send-pr.1.gz
/usr/kerberos/man/man1/krb524init.1.gz
/usr/kerberos/man/man1/ksu.1.gz
/usr/kerberos/man/man1/kvno.1.gz
/usr/kerberos/man/man1/rcp.1.gz
/usr/kerberos/man/man1/rlogin.1.gz
/usr/kerberos/man/man1/rsh.1.gz
/usr/kerberos/man/man1/telnet.1.gz
/usr/kerberos/man/man1/v4rcp.1.gz
/usr/kerberos/man/man8
/usr/kerberos/man/man8/ftpd.8.gz
/usr/kerberos/man/man8/k5srvutil.8.gz
/usr/kerberos/man/man8/kadmin.8.gz
/usr/kerberos/man/man8/klogind.8.gz
/usr/kerberos/man/man8/krb524d.8.gz
/usr/kerberos/man/man8/kshd.8.gz
/usr/kerberos/man/man8/ktutil.8.gz
/usr/kerberos/man/man8/login.krb5.8.gz
/usr/kerberos/man/man8/telnetd.8.gz
/usr/kerberos/sbin
/usr/kerberos/sbin/ftpd
/usr/kerberos/sbin/gss-server
/usr/kerberos/sbin/k5srvutil
/usr/kerberos/sbin/kadmin
/usr/kerberos/sbin/klogind
/usr/kerberos/sbin/krb5-send-pr
/usr/kerberos/sbin/krb524d
/usr/kerberos/sbin/kshd
/usr/kerberos/sbin/ktutil
/usr/kerberos/sbin/login.krb5
/usr/kerberos/sbin/sim_server
/usr/kerberos/sbin/telnetd
/usr/kerberos/sbin/uuserver
/usr/share/doc/krb5-workstation-1.6.1
/usr/share/doc/krb5-workstation-1.6.1/convert-config-files
/usr/share/doc/krb5-workstation-1.6.1/kdestroy.html
/usr/share/doc/krb5-workstation-1.6.1/kinit.html
/usr/share/doc/krb5-workstation-1.6.1/klist.html
/usr/share/doc/krb5-workstation-1.6.1/kpasswd.html
/usr/share/doc/krb5-workstation-1.6.1/ksu.html
/usr/share/doc/krb5-workstation-1.6.1/services.append
/usr/share/doc/krb5-workstation-1.6.1/user-guide.ps.gz
/usr/share/info/krb5-user.info.gz


What else can be done to disable these command?
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Ports Disabling

I will want to disable all the ports not needed in my UNIX. If I put a # sign at the beginning of the line of the port name I want to disable in /etc/services.... that's all????? Or I need to do anything else to disable a port???? (1 Reply)
Discussion started by: rrivas
1 Replies

2. Solaris

Disabling telnet

I am running solaris 9.. currently has telnet / ssh access.. Initially I just want to stop telnet access (but leave ftp open as some scripts etc still using this and need modification) As far as I know I just need to do the following: edit the /etc/inetd.conf file and comment out: telnet ... (2 Replies)
Discussion started by: frustrated1
2 Replies

3. UNIX for Dummies Questions & Answers

Help required for these commands

Hi, I was going through some environment scripts where I require to make some changes. There are a couple of commands I cant understand at all. 1:- SIDS=${*:-} 2:- for element in detail.func common1.func status.func stop_start.func mc.global log.func under the for loop $element has been... (1 Reply)
Discussion started by: ayanbiswas
1 Replies

4. Shell Programming and Scripting

Help required to parse Oracle imp show=y output to DDL Commands

Hi, I generated an Oracle schema DDL script file using the show=y option of the Oracle import utility but the file that it generates needs a little more formating before we can run this as simple DDL comands to generate the schema at Target using the script file.Here is the simplified output of... (1 Reply)
Discussion started by: rajan_san
1 Replies

5. Solaris

disabling watchdog

hi, is it possible to disable the "hardware watchdog" on a V240 sol 10 server? and how to? this server freeze 9/10 during boot on this command...:mad: thanks (3 Replies)
Discussion started by: guilik
3 Replies

6. Solaris

Libraries required by commands

In solaris 10 how to I know what libraries are required by a particular command? please advise (1 Reply)
Discussion started by: Tirmazi
1 Replies

7. Shell Programming and Scripting

Getting required fields from a test file in required fromat in unix

My data is something like shown below. date1 date2 aaa bbbb ccccc date3 date4 dddd eeeeeee ffffffffff ggggg hh I want the output like this date1date2 aaa eeeeee I serached in the forum but didn't find the exact matching solution. Please help. (7 Replies)
Discussion started by: rdhanek
7 Replies

8. Solaris

Required list of all basic commands for a beginners

I want the commands list to view only files, and only directories and all the basic commands for a beginner of solaris (1 Reply)
Discussion started by: omsingh2k5
1 Replies

9. Shell Programming and Scripting

Help required in UNIX commands

I have 40000 records in a file where i need to change the 7th field date format from 05142016 to 20160514 I have given field below. any help would be highly appreciated. 364512|9999999|9999999|210553|195495477|195257095|05142016|10009|36313 ---------- Post updated at 05:02 AM... (2 Replies)
Discussion started by: arun888
2 Replies

10. Hardware

How disabling GPU?

Hi All I'm find out a way to disable the DGD: AMD Radeon HD 7470M on my Ubutu 16.04.2 LTS because radeon open source module is not capable to support this GPU and consequence the boot is very slow. I have tried serveral way with pci-stub.ids in the grub menu but not work. In general how... (11 Replies)
Discussion started by: _Fabio_79
11 Replies
All times are GMT -4. The time now is 03:28 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy