Uninstalling Servers

The most drastic measure to prevent a server from becoming a security risk is to uninstall it. The first step in uninstalling a server is usually to shut it down using its SysV startup script or kill, as described in the preceding section. Once this is done, you can use your partition's package management system to remove the server, as described in Chapter 11. Typically, removing the package also removes its SysV startup script or /etc/xinetd.d entry, if it has either of these. Thus, the computer can no longer even attempt to start the server. In some cases, the server may be started through other means, in which case the system may attempt to start the server, but it won't succeed. For instance, if you've got an /etc/inetd.conf entry for a server, inetd will not be able to launch the server. To prevent error messages from appearing in your logs, and to prevent accidental launches should you reinstall the package, you should track down and remove such entries.

If you installed the server from source code yourself, it may exist in /usr/local and not have an entry in your package database. Uninstalling such a package may be harder than uninstalling a packaged program, but it can be done. The most critical step is to delete the main server program. Check the server's documentation to determine what this file is. Many programs include an uninstall target for make, so you can uninstall the package by moving into the original source code directory and typing make uninstall.

Be aware that removing the software isn't a perfect guarantee that it'll never be run. You might accidentally install it again in the future, or one of your users might install the software for personal use. (Ordinary users can't run servers on privileged ports—those numbered below 1,024—but some servers are designed to run on unprivileged ports, and even normally privileged servers can run on unprivileged ports.) Crackers who obtain access to your system through other means might install additional servers for their own convenience.

Team LIB

1 previous

Team LIB

^ previous

0 0

Post a comment