General Best Practices to Counter Security Threats
Post date: Oct 10, 2012 2:32:28 PM
Disable Unused Services and Open Ports
Investigate all the services running on the system and disable all those that are not required. For example, cups and lp are printer services that are not required. Similarly, remote logins and shells such as telnet and rlogin should be disabled in favor of ssh. Services such as ftpd, smb, sendmail, and the Apache web server may also be considered candidates to be disabled. The following services are required for the DCA. All others should be evaluated and disabled if not required.
•acpid
•auditd
•automount
•crond
•dsm_sa_datamgrd
•dsm_sa_eventmgrd
•dsm_sa_snmpd
•dca_log_cleanup.py
•dsm_om_shrsvcd
•gpm
•hald
•dell_rbu
•ipmi driver
•irqbalance
•dbus-daemon ..
•rpc.statd
•ntpd
•portmap
•rpc.idmapd
•snmpd
•openssh-daemon
•syslogd
•klogd
•xfs
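One way to run the review described above, as an added example that is not vendor code: the function compares running services against the required list on this page and prints the rest as candidates for evaluation. It assumes status lines in the SysV init form `NAME (pid 1234) is running...`; the function name and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: report running services that are not on the required list.
# Assumption: input lines look like "NAME (pid 1234) is running...", the
# form printed by SysV init scripts via `service --status-all`.

# Required services, copied from the list on this page. Comma separated
# because one entry ("ipmi driver") contains a space.
REQUIRED='acpid,auditd,automount,crond,dsm_sa_datamgrd,dsm_sa_eventmgrd'
REQUIRED="$REQUIRED,dsm_sa_snmpd,dca_log_cleanup.py,dsm_om_shrsvcd,gpm,hald"
REQUIRED="$REQUIRED,dell_rbu,ipmi driver,irqbalance,dbus-daemon,rpc.statd"
REQUIRED="$REQUIRED,ntpd,portmap,rpc.idmapd,snmpd,openssh-daemon,syslogd"
REQUIRED="$REQUIRED,klogd,xfs"

# Reads status lines on stdin; prints each running service not in REQUIRED.
unexpected_services() {
    awk -v required="$REQUIRED" '
        BEGIN {
            n = split(required, r, ",")
            for (i = 1; i <= n; i++) ok[r[i]] = 1
        }
        / is running/ {                      # stopped services are ignored
            name = $0
            sub(/ \(pid.*/, "", name)        # strip "(pid N ...) is running..."
            sub(/ is running.*/, "", name)   # status lines that carry no pid
            if (!(name in ok)) print name
        }
    ' | sort -u
}

# Constructed sample input, not captured from a real system.
SAMPLE='acpid (pid 1987) is running...
cupsd (pid 2104) is running...
openssh-daemon (pid 2231) is running...
sendmail (pid 2290 2282) is running...
httpd is stopped
ipmi driver is running
ntpd (pid 2255) is running...
smbd (pid 2310) is running...'

printf '%s\n' "$SAMPLE" | unexpected_services
# prints cupsd, sendmail and smbd, one per line
# On a live host: service --status-all 2>/dev/null | unexpected_services
```

The name in a status line does not always match the init script name, so confirm which script owns a reported service before stopping it and disabling it at boot.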
Unpatched Services
Contact EMC Support for questions about security patch update availability for published software vulnerabilities and inquiries about possible product vulnerabilities.
Inattentive Administration
Administrators who fail to patch their systems are one of the greatest threats to server security. Recommended best practices around password quality, password expiration, accountability for administrative actions performed, and the principle of least privilege must be followed as part of an enterprise security policy.