PingDirectory

Minimize network services

Take steps to reduce the potential for compromise of network services.

Steps include:

  • Disable any unnecessary network services.

  • If there are network daemons that must run on the system but are only accessed over the loopback interface, such as a local SMTP server for relaying email messages, configure them so that they are not accessible to external clients.

  • Use firewall software to ensure that only the minimum number of ports are exposed to external systems.

  • When possible, configure services to run as a non-root user with as few rights as possible.