that a user can exploit to get root/administrator privileges.
staprun clearly has to go.
This utility can be removed by logging in as
and giving the command:
apt-get remove systemtap-runtime
The webserver on the workstation (WKSTA) also clearly needs to go.
There doesn't seem to be any logical reason for it, especially since it
hasn't even been changed from its default configuration!
Remove it as follows:
Deciding what software to install on a host — especially a
server — involves sometimes difficult choices as you try to
balance users' needs for services against security. In this
exercise, your Unix server has a program called
- Remote Desktop to the workstation (WKSTA) and log in as the
- From the workstation, open the Command Prompt (cmd.exe) and
appwiz.cpl to open the "Add or Remove Programs"
- On the left side of the pane, click on "Add/Remove Windows Components"
to bring up the Windows Components Wizard.
- From this new window, uncheck the box next for Internet Information
Services (IIS) and click Next
- Once it finishes, click Finish. You have just removed the webserver
program from the workstation.