General Best Practices to Counter Security Threats

Post date: Oct 10, 2012 2:32:28 PM

Disable Unused Services and Open Ports

Investigate all services running on the system and disable those that are not required. For example, cups and lp are printer services that are not required. Similarly, remote login services and shells such as telnet and rlogin should be disabled in favor of ssh. Services such as ftpd, smb, sendmail, and the Apache web server may also be candidates for disabling. The following services are required for the DCA; all others should be evaluated and disabled if not required.

•acpid

•auditd

•automount

•crond

•dsm_sa_datamgrd

•dsm_sa_eventmgrd

•dsm_sa_snmpd

•dca_log_cleanup.py

•dsm_om_shrsvcd

•gpm

•hald

•dell_rbu

•ipmi driver

•irqbalance

•dbus-daemon ..

•rpc.statd

•ntpd

•portmap

•rpc.idmapd

•snmpd

•openssh-daemon

•syslogd

•klogd

•xfs
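
One way to audit a host against the required list above, as an added example (not EMC tooling or code from the original post). It assumes the host reports running services as `<name> (pid <n>) is running...` lines, as Red Hat-style `service --status-all` does; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report running services that are not on the required list.

# Names copied from the list above, separated by "|" or newline
# ("dbus-daemon" is written without the trailing dots).
REQUIRED='acpid|auditd|automount|crond|dsm_sa_datamgrd|dsm_sa_eventmgrd|dsm_sa_snmpd
dca_log_cleanup.py|dsm_om_shrsvcd|gpm|hald|dell_rbu|ipmi driver|irqbalance|dbus-daemon
rpc.statd|ntpd|portmap|rpc.idmapd|snmpd|openssh-daemon|syslogd|klogd|xfs'

# Reads status lines on stdin and prints, sorted and de-duplicated, every
# service that is running but absent from REQUIRED.
# Assumed line format: "<name> (pid  <n> [<n> ...]) is running..."
unexpected_services() {
    # Keep only "running" lines and reduce each to the service name.
    sed -n 's/^\([^ ].*\) (pid[ 0-9]*) is running.*$/\1/p' |
    while IFS= read -r name; do
        # Exact, fixed-string match so "ntpd" cannot match inside another name.
        printf '%s\n' "$REQUIRED" | tr '|' '\n' | grep -Fxq -- "$name" ||
            printf '%s\n' "$name"
    done | sort -u
}

# Constructed sample input (not captured from a real appliance).
sample_status() {
    cat <<'EOF'
acpid (pid  1801) is running...
cupsd (pid  2210) is running...
crond (pid  2345) is running...
openssh-daemon (pid  2050) is running...
sendmail (pid  2100 2092) is running...
smbd is stopped
ntpd (pid  2070) is running...
EOF
}

# On a live host (assumption): service --status-all 2>/dev/null | unexpected_services
sample_status | unexpected_services
```

Each name printed is a candidate for evaluation, not an automatic removal: confirm what depends on it before stopping it and disabling it at boot.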

Unpatched Services

Contact EMC Support for questions about security patch update availability for published software vulnerabilities and inquiries about possible product vulnerabilities.

Inattentive Administration

Administrators who fail to patch their systems are one of the greatest threats to server security. Recommended best practices for password quality, password expiration, accountability for administrative actions, and the principle of least privilege must be followed as part of an enterprise security policy.