Requirement:
AMP : 8.x.0
Solution:It is recommended to avoid installing un-necessary packages in Centos system to avoid vulnerability. we can find and remove or disable unwanted services from the server to minimize vulnerability which are running on runlevel 3.
Configuration:It is recommended to avoid installing un-necessary packages in Centos system to avoid vulnerability. we can find and remove or disable unwanted services from the server to minimize vulnerability which are running on runlevel 3.
Step 1: Run the follwoing comamnd to find out the services which are running on runlevel 3.
# /sbin/chkconfig --list |grep '3:on'
This will list the service that are running in the runlevel3.
# /sbin/chkconfig --list | grep '3:on'
rrdcached 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
shellinaboxd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
sysstat 0:off 1:off 2:on 3:on 4:off 5:on 6:off
udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off
xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
zookeeper-server 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Step 2: Once you have find out any unnecessary service are running, we can disable them using the following command.
# chkconfig serviceName off
For egs : to disable "xinetd" we need to execute the following command,
# chkconfig xinetd on
VerificationOutput before we disable service "xinetd ":
# /sbin/chkconfig --list | grep '3:on'
rrdcached 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
shellinaboxd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
sysstat 0:off 1:off 2:on 3:on 4:off 5:on 6:off
udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off
xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
zookeeper-server 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Output after we disable the service "xinetd ":
# /sbin/chkconfig --list | grep '3:on'
rrdcached 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
shellinaboxd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
sysstat 0:off 1:off 2:on 3:on 4:off 5:on 6:off
udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off
zookeeper-server 0:off 1:off 2:on 3:on 4:on 5:on 6:off