How feasible is systemd for creating an airgap by enabling and disabling network services adhoc? Or is that just not secure unless you block the actual kernel modules from loading during boot?
Great tip but --now only works with enable , disable and mask but also starts and stops the service sudo systemctl disable --atd would both disable the service and stop it. If used with enable it would both enable and start the service
Great video as always, i particularly like this security serries.
How feasible is systemd for creating an airgap by enabling and disabling network services adhoc? Or is that just not secure unless you block the actual kernel modules from loading during boot?
If the services are not needed remove them
I didn't really get how to disable auto start of a service in systemd. Was it the mask command?
a helpful command, if you want to stop a service and also disable it from autostart you then could just type: systemctl stop --now atd
oops.. typo here.. command should be: systemctl disable --now atd
Great tip but --now only works with enable , disable and mask but also starts and stops the service sudo systemctl disable --atd would both disable the service and stop it. If used with enable it would both enable and start the service