The problem with this strategy is that it may cause patch installations to
fail, if the patch is for a package that includes one of the binaries you
removed.
The ultra-paranoid are advised (by me :) to simply chmod 000 instead of rm.
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Christopher C. Petro
> Sent: Wednesday, June 23, 1999 3:17 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Why not FireWall-1 on NT?
>
>
> >What to turn off in Solaris 2.x
> > Any service in rc2.d or rc3.d that isn't need (i.e., S73nfs.client,
> >S15nfs.server, S71rpc) can be disabled by appending no_ to the front of the
> >file name.
> > Any service in /etc/inetd.conf that's not needed (i.e., talk, finger,
> >name, comsat, uucp,exec, shell, tftp) can be disabled by commenting them
> >out.
> >
> > It's also not a bad idea to disable the in.routed routing process (also
> >in.rdisc).
>
> Personally I'd suggest removing the offending binaries from
> the machine, rather than just not starting them up.
> --
> We have only come here seeking knowledge
> Things they would not teach us of in college.--The Police
>
http://www.atypon.com [EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
