User level changes, User level changes -10 – Xerox FreeFlow® Print Server Version 6.0 (Security Guide) User Manual

1 0

Security Guide

User level changes

The following user-level changes are made:

•

all users for at, cron, and batch are disallowed

•

nuucp account is disabled

•

listen account is disabled

•

password entry locked for bin, sys, adm, uucp, nobody,
noaccess, nobody4, and anonymous

sadmind

Distributed system
administration daemon

Used by Solstice AdminSuite applications to
perform distributed system administration. Not
used by the Xerox FreeFlow Print Server.

shell

Remote execution
server

Used by rsh(1) and rcp(1) commands. The
Xerox print command line client relies on the
remote shell internet service being enabled
since it uses the rcp(1) command to transfer files
onto the Xerox FreeFlow Print Server. However,
this service represents a security risk. Not used
by the Xerox FreeFlow Print Server.

Sun-dr (DCS)

Domain configuration
server

The Domain Configuration Server (DCS) is a
daemon process that runs on Sun servers that
support remote Dynamic Reconfiguration (DR)
clients. It is started by the Service Management
Facility when the first DR request is received
from a client connecting to the network service
sun-dr.

talk

Server for talk program

The talk utility is a two-way, screen oriented
communication program. Not used by the Xerox
FreeFlow Print Server.

telnet

TELNET protocol
server

This can be used to enable/disable the telnet
server. This does not affect using the telnet client
from the Xerox FreeFlow Print Server to another
host running on TELNET server.

time

Time Protocol server

Outdated time service. Seldom used anymore.
Not used by the Xerox FreeFlow Print Server.

uucp

UUCP server

UNIX to UNIX system copy over networks.
UUCP is not securely set up and can be
exploited in many ways. Not used by the Xerox
FreeFlow Print Server.

INETD Service

Description