Top 3 Service Clients to remove for Securing Redhat or CentOS Linux

As part of Best Security Practices, it is recommended to remove service clients that are not required for normal operation to reduce local attack. Here are the following programs or clients that need to remove. (Not in particular order)

1.NIS Client
-it is used to bind a machine to NIS server, and receive the distributed config files. NIC is an insecure system and can be vulnerable to attacks like DOS, buffer overflows. It has poor authentication mechanism as well.

Command to verify if NIS is installed or not:

rpm -q ypbind

Recommendation: to remove nis package

yum remove ypbind
dnf remove ypbind

2. Telnet Client

-it allows users to establish connections to other systems via the telnet protocol. It is insecure and and not encrypted, meaning it could allow unauthorized users to steal credentials.
Note: Some users required telnet for testing and troubleshooting,e.g. if ports are open, so this depends on the environment and requirement.

Command to verify if telnet is installed or not:

rpm -q telnet

Recommendation: to remove telnet

yum remove telnet
dnf remove telnet

3. Lightweight Directory Access Protocol (LDAP) client
-LDAP provides a method of looking up information from a central database, and was a replacement to NIS.

Command to verify if LDAP client is installed or not:

rpm -q openldap-clients

Recommendation: to remove LDAP client to reduce potential attack area

yum remove openldap-clients
dnf remove openldap-clients

About the author

Free Linux

View all posts

Leave a Reply