Linux Patch Management: Keeping Linux Systems Up To Date

Here are some of the key points from the certification objectives in Chapter 13.

The Extended Internet Services Daemon (xinetd)

❑ xinetd acts as a "super-server" for a number of other network services, such as the Kerberos-secured versions of Telnet and rsync.

❑ Individual services have their own management scripts in the /etc/xinetd.d directory.

❑ Most xinetd services are disabled by default.

❑ You can activate an xinetd service with the appropriate chkconfig command or by directly editing its xinetd script.

❑ xinetd listens for connection requests from client applications.

❑ When xinetd receives a connection request, it starts the server associated with the TCP/IP port and then waits for other connection requests.

The Secure Shell Package

❑ The OpenSSH command utilities (sshd, ssh, ssh-keygen, ssh-add, and ssh-agent) provide secure remote services over any network connections.

❑ Encryption is based on private and public keys.

❑ Public keys are shared with others, so that they can communicate with you through SSH.

❑ As it is easy to decipher traffic, even passwords, from telnet, ftp, and the "r" commands, it is best to use SSH on any publicly accessible network.

Dynamic Host Configuration Protocol (DHCP)

❑ DHCP allows a client computer to obtain network information (such as an IP number) from a server.

❑ The BOOTP protocol allows a client computer to access a DHCP server on a remote network.

❑ DHCP servers are configured through /etc/dhcpd.conf.

❑ The DHCP server daemon is dhcpd; the DHCP client daemon is dhclient.

The Network Time Protocol (NTP)

❑ NTP servers can help synchronize the systems on a network.

❑ NTP clients can be configured with the Date/Time Configuration tool, which can be started with the system-config-date command. Alternatively, clients can also be configured in /etc/ntp.conf.

❑ NTP clients can be synchronized with Stratum Two servers with the permission of their administrators; one alternative is the Public Time Server project at pool.ntp.org.

❑ To configure an NTP client as a server, the /etc/ntp.conf file needs to be configured to allow access to the desired networks.
