>1) can I take out of the kernel such services as ftp, telnet, etc.,
>without it affects me the functionality characteristic of the server?
>For example: I want to compile the kernel with the basic thing that
>specifies the transparent proxy.

ftp, telnet etc are ip based protocols, but you need your ip-support
for the the transparent proxy.

Ensure that no inetd and according daemon are running (killall inetd ftpd
ect.)

Use an simple iptables-set to realize the transparent proxy and to drop
all other packets.

>2) like I can know you to work and do minimum services specify the
>server that will have the firewall?

as above.

set general INPUT policy to DROP or DENY and allow only the services
you really need

>3) to compile, is it necessary to answer the questions one for one? I am
>not able to -for example -, to modify a supposition file that contains
>the questions, and then that the utility characteristic of the compiler
>receives it as entrance parameter?

more easy:

cd /usr/src/linux

make menuconfig

>I wait to have been clear and concise. Excuse my English.

Sure :O)

Yours Michael

-- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]