Maintaining security on your system is extremely important, and one
approach for this task is to manage access to system services carefully.
Your system may need to provide open access to particular services (for
example,httpd if you are running a Web server). However, if you do not
need to provide a service, you should turn it off to minimize your exposure
to possible bug exploits.
There are several different methods for managing access to system
services. Decide which method of management to use based on the
service, your system's configuration, and your level of Linux expertise.
The easiest way to deny access to a service is to turn it off. Both the
services managed byxinetd and the services in the/etc/rc.d/init.d
hierarchy (also known as SysV services) can be configured to start or stop
using three different applications:
displays a description of each service, displays whether each service is started at boot time (for runlevels 3, 4, and 5), and allows services to be started, stopped, and restarted.
services are started at boot time for each runlevel. Non\u00adxinetd
services can not be started, stopped, or restarted using this
On the other hand, the benefit of usingipta b l e s is flexibility. For example, if
you need a customized solution which provides certain hosts access to
certain services,ipta b l e s can provide it for you. Refer to the Red Hat
Before you can configure access to services, you must understand Linux runlevels. A runlevel is a state, ormode, that is defined by the services listed in the directory/etc/rc.d/rc<x>.d, where<x> is the number of the runlevel.
The default runlevel can be changed by modifying the/etc/inittab
file, which contains a line near the top of the file similar to the
To change the runlevel immediately, use the commandtelinit
followed by the runlevel number. You must be root to use this
command. Thete l i n i t command does not change the/etc/inittab
file; it only changes the runlevel currently running. When the system is
rebooted, it continues to boot the runlevel as specified in
This action might not be possible to undo. Are you sure you want to continue?