![\"\"](\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/linux_console_forbidden_services.png\")
<\/li>\n\n\n\n- \n
- Disable xinetd<\/strong> – Disable the xinetd daemon, which listens for well-known services and dispatches the appropriate daemon to properly respond to service requests.<\/li>\n\n\n\n
- Disable Avahi <\/strong>– Disable Avahi, which allows automatic service discovery on the local network.<\/li>\n\n\n\n
- Disable CUPS<\/strong> – Disable the Common Unix Print System (CUPS), which allows printing to and receiving print jobs from local and network printers.<\/li>\n\n\n\n
- Disable DHCP<\/strong> – Disable Dynamic Host Configuration Protocol (DHCP), which is a service that allows machines to be dynamically assigned IP addresses.<\/li>\n\n\n\n
- Disable LDAP<\/strong> – Disable the Lightweight Directory Access Protocol (LDAP) if the system will not need to act as an LDAP server.<\/li>\n\n\n\n
- Disable NFS and RPC<\/strong> – Disable the Network File System (NFS) if the system will not need to export NFS shares or act as an NFS client.<\/li>\n\n\n\n
- Disable DNS<\/strong> – Disable the Domain Name System (DNS), which maps names to IP addresses for resources on the network, if the system will not need to act as the DNS server.<\/li>\n\n\n\n
- Disable FTP <\/strong> – Disable the File Transfer Protocol (FTP), which does not protect the confidentiality of data or authentication credentials when transferring files between networked machines.<\/li>\n\n\n\n
- Disable HTTP<\/strong> – Disable HTTP if there is no need to run the system as a web server.<\/li>\n\n\n\n
- Disable IMAP and POP3 server<\/strong> – Disable IMAP and POP3 server provisioning by the system.<\/li>\n\n\n\n
- Disable Samba<\/strong> – Disable Samba, which allows Linux systems to share file systems and directories with Windows desktops, if there is no need to mount directories and file systems to Windows systems.<\/li>\n\n\n\n
- Disable HTTP Proxy server<\/strong> – Disable HTTP Proxy if there is no need for a proxy server.<\/li>\n\n\n\n
- Disable SNMP server<\/strong> – Disable the Simple Network Management Protocol (SNMP) service, which does not require authentication to execute commands.<\/li>\n\n\n\n
- Disable rsync service<\/strong> – Disable the rsync service, which uses unencrypted protocols for communication to synchronize files between systems over network links.<\/li>\n\n\n\n
- Disable NIS server<\/strong>: – Disable the Network Information Service (NIS) protocol used to distribute system configuration files.<\/li>\n<\/ol>\n<\/li>\n\n\n\n
- Click save<\/strong>.<\/li>\n\n\n\n
- Next, apply the policy to a device or group of devices.<\/li>\n<\/ol>\n\n\n\n
After a service is disabled using this policy, a form of the 403 Forbidden<\/kbd> error appears to show the user that the service is not active and that the configured ports for the service will not respond to requests.<\/p>\n","protected":false},"excerpt":{"rendered":"
The Linux – Forbidden Services Policy makes it easy for IT admins to reduce risk to their environment by removing […]<\/p>\n","protected":false},"author":206,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2852,2926,2862],"support_tag":[],"coauthors":[2842,3011],"acf":[],"yoast_head":"\n
Create a Linux Forbidden Services Policy - JumpCloud<\/title>\n<meta name=\"description\" content=\"Learn how to create, configure, and apply a forbidden services policy to reduce the risk of unneeded services on Linux devices.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Create a Linux Forbidden Services Policy\" \/>\n<meta property=\"og:description\" content=\"Learn how to create, configure, and apply a forbidden services policy to reduce the risk of unneeded services on Linux devices.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/linux_console_forbidden_services.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"pamkellman, nickconrad\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy\",\"url\":\"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy\",\"name\":\"Create a Linux Forbidden Services Policy - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/linux_console_forbidden_services.png\",\"datePublished\":\"2023-06-05T17:09:42+00:00\",\"dateModified\":\"2023-06-05T17:09:42+00:00\",\"description\":\"Learn how to create, configure, and apply a forbidden services policy to reduce the risk of unneeded services on Linux devices.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/linux_console_forbidden_services.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/linux_console_forbidden_services.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Create a Linux Forbidden Services Policy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Create a Linux Forbidden Services Policy - JumpCloud","description":"Learn how to create, configure, and apply a forbidden services policy to reduce the risk of unneeded services on Linux devices.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy","og_locale":"en_US","og_type":"article","og_title":"Create a Linux Forbidden Services Policy","og_description":"Learn how to create, configure, and apply a forbidden services policy to reduce the risk of unneeded services on Linux devices.","og_url":"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy","og_site_name":"JumpCloud","og_image":[{"url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/linux_console_forbidden_services.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes","Written by":"pamkellman, nickconrad"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy","url":"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy","name":"Create a Linux Forbidden Services Policy - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/linux_console_forbidden_services.png","datePublished":"2023-06-05T17:09:42+00:00","dateModified":"2023-06-05T17:09:42+00:00","description":"Learn how to create, configure, and apply a forbidden services policy to reduce the risk of unneeded services on Linux devices.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy#primaryimage","url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/linux_console_forbidden_services.png","contentUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/linux_console_forbidden_services.png"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/create-a-linux-forbidden-services-policy#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Create a Linux Forbidden Services Policy"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75547"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/206"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75547\/revisions"}],"predecessor-version":[{"id":88564,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75547\/revisions\/88564"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=75547"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=75547"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=75547"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=75547"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}} - Disable Avahi <\/strong>– Disable Avahi, which allows automatic service discovery on the local network.<\/li>\n\n\n\n