Whilst the Firewall can be configured to block the ports used by the various Linux services, if they are not required it is advisable to disable any unused services on the Linux system. Not only does this provide an additional level of Linux security but it also avoids having unnecessary processes running and using up system resources. In this chapter we will explore the configuration of Linux services.
Before talking more about Linux services it is first important to understand a little about Runlevels. A typical Linux system can be configured to boot up into one of five different runlevels. During the boot a process called init looks in the /etc/inittab file to find the default runlevel. Having identified the runlevel it proceeds to execute the appropriate startup scripts to run the services that are required for the system.

The good news is that both the runlevel and the services that get started are configurable.
Linux Init and Runlevels
The boot process for Red Hat 9.0 and Fedora Core systems, for example, opens the /etc/inittab file to decide what "runlevel" the system should be booted to. The /etc/inittab file is a plain text file that can be opened with your favorite text editor.

The relevant section of a sample /etc/inittab file is as follows:
runlevel. The runlevels used by RHS are:
# 0 - halt (Do NOT set initdefault to this)
# 1 - Single user mode
# 2 - Multiuser, without NFS (The same as 3, if you do not
# 3 - Full multiuser mode
# 4 - unused
# 5 - X11
# 6 - reboot (Do NOT set initdefault to this)
The key line in the example above is:
This tells the init process that the default run level for the system is level 3. To change to a different run level simply change the number in the /etc/inittab file. Before doing this, however, be absolutely sure which run level you want. Selecting the wrong runlevel can have serious consequences. To help with this a detailed description of the run levels is outlined in the table below:
Table 1: Linux Runlevel Descriptions
halt runlevel - this is the runlevel at which the system shuts down. For obvious reasons it is unlikely you would want this as your default runlevel.

This causes the system to start up in a single user mode under which only the root user can log in. In this mode the system does not start any networking or X windowing, X or multi-user services. This run level is ideal for system administrators to perform system maintenance or repair activities.

the system into a multi-user mode with text based console login capability. This runlevel does not, however, start the network.

to runlevel 2 except that networking services are started. This is the most common runlevel for server based systems that do not require any kind of graphical desktop environment.

runlevel. This runlevel can be configured to provide a custom boot

the system into a networked, multi-user state with X Window System capability. By default the graphical desktop environment will start at the end of the boot process. This is the most common run level for desktop or workstation use.

the system. Another runlevel that you are unlikely to want as your
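
The following script is an added example, not part of the original chapter. It reads the default runlevel from an inittab file and lists every service started in that runlevel that is not on an allowlist of expected services. It assumes the SysV `id:N:initdefault:` line format and per-runlevel `rcN.d` directories of `S##name` start links, neither of which is shown on this page; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: list services started in the default runlevel that are
# not on an allowlist. Assumes the SysV "id:N:initdefault:" inittab line
# and rcN.d directories of S##name start links (not shown on the page).

# Print the default runlevel read from inittab file $1.
default_runlevel() {
    awk -F: '!/^[ \t]*#/ && $3 == "initdefault" { print $2; exit }' "$1"
}

# Print the names of services started in runlevel $2 under rc root $1.
started_services() {
    for link in "$1/rc$2.d"/S[0-9][0-9]*; do
        [ -e "$link" ] || continue          # glob matched nothing
        name=${link##*/}                    # drop the directory part
        echo "${name#S[0-9][0-9]}"          # drop the S## ordering prefix
    done
}

# Args: inittab, rc root, space-separated allowlist of expected services.
unexpected_services() {
    level=$(default_runlevel "$1")
    case "$level" in
        [1-5]) ;;   # 0 (halt) and 6 (reboot) must never be the default
        *) echo "bad default runlevel: '$level'" >&2; return 2 ;;
    esac
    for svc in $(started_services "$2" "$level"); do
        case " $3 " in
            *" $svc "*) ;;                  # expected, stay quiet
            *) echo "$svc" ;;               # candidate for disabling
        esac
    done
}

# Constructed sample tree (not from a real host) so the example runs offline.
make_sample() {
    root=$(mktemp -d)
    mkdir -p "$root/rc3.d"
    printf '%s\n' '# 3 - Full multiuser mode' 'id:3:initdefault:' > "$root/inittab"
    for s in S10network S12syslog S55sshd S56xinetd S80sendmail K05innd; do
        : > "$root/rc3.d/$s"
    done
    echo "$root"
}

sample=$(make_sample)
unexpected_services "$sample/inittab" "$sample" "network syslog sshd"
rm -rf "$sample"
```

Against the constructed tree the script reports the two services outside the allowlist. To audit a real host, pass its own inittab path and rc directory root to `unexpected_services` in place of the sample.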