Yubico Forum https://forum.yubico.com/ |
|
[Q?] Hardening YubiRADIUS, what services can be disabled? https://forum.yubico.com/viewtopic.php?f=4&t=905 |
Page 1 of 1 |
Author: | nzkiwi68 [ Sun Jan 06, 2013 8:54 pm ] |
Post subject: | [Q?] Hardening YubiRADIUS, what services can be disabled? |
We'd like very much to harden our YubiRADIUS server and at the very least, turn off all the services that are not required. Using Webadmin: "System" - "Boot and Shutdown" Quote: Can support tell us EXACTY what services are required for YubiRADIUS to function? Then, I can go through and switch to "Start at boot time" - "No" for the rest of the services. There seems to be a large number of services that are not required which are running, e.g. * bluetooth * cpufrequtil * cups * fancontrol * kerneloops * loadcpufreq * nfs-common * nfs-kernel-server * rsync * samba * slapd (if your not going to use the built-in LDAP server) * smartmontools |
Author: | GRS [ Fri Jan 09, 2015 5:00 am ] |
Post subject: | Re: [Q?] Hardening YubiRADIUS, what services can be disabled |
Hardening Internet-facing servers is always critical, and one part to that is always to minimize the number of services running, especially those that are unnecessary for what you are doing. Check out what Green Rocket Security, a Yubico partner, is doing with GreenRADIUS to harden the server to solve this problem. GreenRADIUS is also currently maintained (whereas YubiRADIUS is no longer supported) and has patches and updates for the latest vulnerabilities such as Heartbleed, Shellshock and POODLE. |
Page 1 of 1 | All times are UTC + 1 hour |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |