Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

How do I remove commands?

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers How do I remove commands?
# 8  
Old 10-05-2010
Quote:
Originally Posted by bakunin
I do not know which operating system you are using and chances are that I'm not that well accustomed to whatever you use. But there are some general principles which pay off if adhered to:

1) Do not - never ever - remove binaries by deleting them, as was suggested by citaylor. If you have a package management (like the mentioned rpm) use ONLY that to get software packages you do not want to be used out of the system.

2) Every Unix has a standard set of commands and rsh (rlogin, rexec, ...) are such standard commands. You might not want them to be used without further ado, but deleting them is the wrong way to accomplish what you want. Remove ".rlogin"-files (and probably similar ones, like ".netrc") from user-homes (to make password-less access to systems impossible), deactivate the respective services in inetd.conf or employ similar methods.

3) Modifying the rights of executables is a possible way, but be aware, that you modify the system - like with removing the executables altogether. If you still want to go that way you might want to create an rpm-package which does the changes and only bring this to the system - the package should undo these changes upon deinstallation of course.

I hope this helps.

bakunin
Confused with 3 rd point of yours .What is the relation between Modifying the rights of executable and writing the own rpm package.
# 9  
Old 10-05-2010
Quote:
Originally Posted by pinga123
Confused with 3 rd point of yours .What is the relation between Modifying the rights of executable and writing the own rpm package.
If you change the filemodes (=rights) of your system executables (like "/usr/bin/rlogin", etc.) you are modifying the system: before this change the executable had the filemode "x" (which came from the installation package), afterwards it has "y".

If you pack this change at least into a package (which can be installed and uninstalled) you could "roll back" your change should the necessity for doing so arise. What i meant was: if you have to do it (the modification of the filemodes) at all, do it this way.

I hope this helps.

bakunin
# 10  
Old 10-05-2010
Quote:
Originally Posted by bakunin
If you change the filemodes (=rights) of your system executables (like "/usr/bin/rlogin", etc.) you are modifying the system: before this change the executable had the filemode "x" (which came from the installation package), afterwards it has "y".

If you pack this change at least into a package (which can be installed and uninstalled) you could "roll back" your change should the necessity for doing so arise. What i meant was: if you have to do it (the modification of the filemodes) at all, do it this way.

I hope this helps.

bakunin
Still confused. Can you please explain with practical example in mind.

Let me clear my stand .I m doing it as a part of server hardening.
and i just dont want someone to use those command in my system.How are they going to change the system if i change their permissions.
# 11  
Old 10-05-2010
Quote:
Originally Posted by pinga123
Still confused.
It gives you an 'undo' button, more or less. And a clearer indication of what you did should you return 4 years down the line.
# 12  
Old 10-05-2010
You might want to put symlinks to ssh, scp, ssh in place of rsh, rcp, rlogin so the users move to the more secure tools without recoding.
# 13  
Old 10-05-2010
Quote:
Originally Posted by DGPickett
You might want to put symlinks to ssh, scp, ssh in place of rsh, rcp, rlogin so the users move to the more secure tools without recoding.
Are they really the same? Any difference could cause much confusion.
# 14  
Old 10-05-2010
With lateral thought I wonder if you may have misunderstood some "server hardening" advice.

It is more usual to comment out those TCP/IP inetd services which are enabled by default but which you never use because you have secure versions.
In most versions of unix these include rsh, rcp and rlogin .

There are a lot more candidates (e.g. tftpd , fingerd) and some administrators would even disable UDP protocols too (e.g. echo).


You can stop an external computer making any connection to your server with rsh, rcp or rlogin by not listening for those types of connections.

By further lateral thought just disabling the commands on your computer does not stop incoming connection. (However removing the package might - but I don't know your O/S).
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Bash to remove find and remove specific extension

The bash below executes and does find all the .bam files in each R_2019 folder. However set -x shows that the .bam extension only gets removed from one .bam file in each folder (appears to be the last in each). Why is it not removing the extension from each (this is $SAMPLE)? Thank you :). set... (4 Replies)
Discussion started by: cmccabe
4 Replies

2. Post Here to Contact Site Administrators and Moderators

Please remove this post/remove information from it

In this thread: /shell-programming-and-scripting/255687-organizing-text-file-capital-names-capital-word-capital-word.html (sorry i cant use links) that is not an example, those are real students names with real student login id's for the college i am attending and i am on that list. Please... (3 Replies)
Discussion started by: throwawayacc
3 Replies

3. Shell Programming and Scripting

remove brackets and put it in a column and remove repeated entry

Hi all, I want to remove the remove bracket sign ( ) and put in the separate column I also want to remove the repeated entry like in first row in below input (PA156) is repeated ESR1 (PA156) leflunomide (PA450192) (PA156) leflunomide (PA450192) CHST3 (PA26503) docetaxel... (2 Replies)
Discussion started by: manigrover
2 Replies

4. AIX

HACMP: difference between 'cl' commands and 'cli' commands

Hi all, I'm new in this forum. I'm looking for the difference between the HACMP commands with the prefix "cl" and "cli". The first type are under /usr/es/sbin/cluster/sbin directory and the second are under /usr/es/sbin/cluster/cspoc directory. I know that the first are called HACMP for AIX... (0 Replies)
Discussion started by: peppix
0 Replies

5. Shell Programming and Scripting

command to remove multiple commands in particular columns

Hi Experts, I actually need to remove multiple commas within the column not the entire row. Its comma delimited file Actually the value seems to look like 1,006,000, when we open this in notepad or word pad the value look s like “1,006,000” Actually our Sed command removes single comma and... (7 Replies)
Discussion started by: bshivali
7 Replies

6. Shell Programming and Scripting

To remove date and duplicate rows from a log file using unix commands

Hi, I have a log file having size of 48mb. For such a large log file. I want to get the message in a particular format which includes only unique error and exception messages. The following things to be done : 1) To remove all the date and time from the log file 2) To remove all the... (1 Reply)
Discussion started by: Pank10
1 Replies

7. Shell Programming and Scripting

Can BASH execute commands on a remote server when the commands are embedded in shell

I want to log into a remote server transfer over a new config and then backup the existing config, replace with the new config. I am not sure if I can do this with BASH scripting. I have set up password less login by adding my public key to authorized_keys file, it works. I am a little... (1 Reply)
Discussion started by: bash_in_my_head
1 Replies

8. Programming

code that reads commands from the standard i/p and executes the commands

Hello all, i've written a small piece of code that will read commands from standard input and executes the commands. Its working fine and is execting the commands well. Accepting arguments too. e.g #mkdir <name of the directory> The problem is that its not letting me change the directory i.e... (4 Replies)
Discussion started by: Phrozen Smoke
4 Replies

9. UNIX for Advanced & Expert Users

Remove Commands from Buffer

Hi.. When I execute a command, say for ex.. cp ../../* to ..../.../* and then when I use escape K, enter... it shows the commands recently executed. How can we remove that commands from buffer? This is a sun-solaris 8 environment.. Thanks, ST2000 (3 Replies)
Discussion started by: ST2000
3 Replies

10. UNIX for Dummies Questions & Answers

smitty, remove user, remove directory as well..

hi, i am on aix. i used smitty to remove a user.. but then found that its directory still exists.... so i have to remove the directory manually... am i doing it the right way? (2 Replies)
Discussion started by: yls177
2 Replies
Login or Register to Ask a Question