Xerox 701P46740 manual User level changes

Page 14

INETD Service

 

Description

 

 

 

sadmind

Distributed system

Used by Solstice AdminSuite applications to

 

administration daemon

perform distributed system administration. Not

 

 

used by the Xerox FreeFlow Print Server.

shell

Remote execution

Used by rsh(1) and rcp(1) commands. The

 

server

Xerox print command line client relies on the

 

 

remote shell internet service being enabled

 

 

since it uses the rcp(1) command to transfer files

 

 

onto the Xerox FreeFlow Print Server. However,

 

 

this service represents a security risk. Not used

 

 

by the Xerox FreeFlow Print Server.

Sun-dr (DCS)

Domain configuration

The Domain Configuration Server (DCS) is a

 

server

daemon process that runs on Sun servers that

 

 

support remote Dynamic Reconfiguration (DR)

 

 

clients. It is started by the Service Management

 

 

Facility when the first DR request is received

 

 

from a client connecting to the network service

 

 

sun-dr.

talk

Server for talk program

The talk utility is a two-way, screen oriented

 

 

communication program. Not used by the Xerox

 

 

FreeFlow Print Server.

telnet

TELNET protocol

This can be used to enable/disable the telnet

 

server

server. This does not affect using the telnet client

 

 

from the Xerox FreeFlow Print Server to another

 

 

host running on TELNET server.

time

Time Protocol server

Outdated time service. Seldom used anymore.

 

 

Not used by the Xerox FreeFlow Print Server.

uucp

UUCP server

UNIX to UNIX system copy over networks.

 

 

UUCP is not securely set up and can be

 

 

exploited in many ways. Not used by the Xerox

 

 

FreeFlow Print Server.

 

 

 

User level changes

The following user-level changes are made:

all users for at, cron, and batch are disallowed

nuucp account is disabled

listen account is disabled

password entry locked for bin, sys, adm, uucp, nobody, noaccess, nobody4, and anonymous

10

Security Guide

Image 14
Contents Security Guide USA Table of contents Table of contents Conventions ContentsAbout this guide Customer support Security System supplied security profilesCD-ROM FTPEnable and disable services BSMS47ASPPP S72AUTOINSTALLS40LLC2 S70UUCPS76SNMPDX S15NFS.SERVERS17HCLNFS.DAEMON S77DMISecurity Guide Security Guide User level changes Solaris file permissions Disabling secure name service databasesMulticast routing disabled OS and host information hiddenXerox FreeFlow Print Server router capabilities disabled Executable stacks disabledRemote CDE login disabled Sendmail daemon securedSecurity warning banners Remote shell internet serviceEnable-ftp and disable-ftp Disabling LP anonymous printingCreating user-defined profiles Setting the current and default profilesAccount management Local users and groupsDefault user groups and user accounts Group authorization Creating user accountsMED CD-ROM CDSAuto-Logon Default Screen/Auto-Logoff Password securityStrong Passwords How to Enable/Disable Strong PasswordAudit Logs GUI LoggingChanging individual passwords Accessing the Xerox FreeFlow Print Server through ADSDate/Time User Login/Logout User Activity on the SystemLimiting access IP FilteringRemote Workflow Using the Print Server SSL/TLS Security FeatureSecure Socket Layer Creating and Using a Self-Signed Certificate IsgwSecurity Guide Network Protocol Digital CertificatesSnmp HttpIPP WinsSSL Micr modeSecure Print NFSQueue Lock Prevent Unauthorized Queue ChangesRoles and responsibilities Xerox responsibilitiesSecurity tips Customer ResponsibilitiesVirus Scan Online Help for security