CASP+ CAS-003 – Question 92


As a security administrator, you are asked to harden a server running Red Hat Enterprise Server 5.5 64-bit. This server is being used as a DNS and time server. It is not used as a database, web server, or print server. There are no wireless connections to the server, and it does not need to print.
The command window will be provided along with root access. You are connected via a secure shell with root access. You may query help for a list of commands.

You need to disable and turn off unrelated services and processes.
It is possible to simulate a crash of your server session. The simulation can be reset, but the server cannot be rebooted. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Correct Answer: See the explanation below
In Order to deactivate web services, database services and print service, we can do following things
1) deactivate its services
/etc/init.d/apache2 stop
/etc/init.d/mysqld stop
2) close ports for these services
Web Server:
iptables -I INPUT -p tcp -m tcp –dport 443 -j REJECT
service iptables save
Print Server
iptables -I INPUT -p tcp -m tcp –dport 631 -j REJECT
service iptables save
Database Server
iptables -I INPUT -p tcp -m tcp –dport 3306 -j REJECT
service iptables save
3) Kill the process any running for the same
ps -aef|grep mysql
kill -9 <<process id>>