Xerox 6180N FreeFlow® Print Server Security Guide - Page 9
Enable and disable services
UPC - 095205425307
View all Xerox 6180N manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 9 highlights
Enable and disable services The following tables provide a list of the services that can be enabled and disabled from the Xerox FreeFlow Print Server "Setup > Security Profiles" menu options. NOTE: Services list may vary, depending on the product. Table 2-2 "System" tab System Service Allow_host.equiv_plus Anonymous FTP BSM Executable Stacks Hide Info Banners Multicast Routing Remote CDE Logins Restrict DFS tab Restrict NFS Portmon Router Secure File Permissions Description Background: The /etc/hosts.equiv and /.rhosts files provide the remote authentication database for rlogin, rsh, rcp, and rexec. The files specify remote hosts and users that are considered to be trusted. Trusted users are allowed to access the local system without supplying a password. These files can be removed or modified to enhance security. The Xerox FreeFlow Print Server is provided with both of these files deleted entirely. The setting All_host.equiv_plus is set to disabled, then anytime that security settings are applied, the + will be removed from host.equiv. IMPORTANT NOTE: Removing the + from the hosts.equiv file will prevent the use of the Xerox command line client print from remote clients. An alternative would be to remove the + and add the name of each trusted host that requires this functionality. Leaving the + will allow a user from any remote host to access the system with the same username Enable or disable the Basic Security Module (BSM) on Solaris Some security exploits take advantage of the Solaris OE kernel executable system stack to attack the system. Some of these exploits can be avoided by making the system stack non-executable. The following lines are added to /etc/system/fP file:set noexec_user_stack=1set noexec_user_stack_log=1 Deny all remote access (direct/broadcast) to the X server running on the Xerox FreeFlow Print Server by installing an appropriate /etc/dt/ config/Xaccess file. Disable router mode by creating an empty the empty file: /etc/ notrouter. Security Guide 5