The following programs were found to have superuser privileges and are unnecessary for operation of the firewall. They can simply be removed:
/usr/bin/dos /usr/bin/elm /usr/bin/lpq /usr/bin/lpr /usr/bin/lprm /usr/bin/minicom /usr/bin/mutt /usr/bin/inc /usr/bin/suidperl /usr/bin/sperl5.00404 /usr/bin/lockfile /usr/bin/dumpreg /usr/bin/wall /usr/bin/chfn /usr/bin/chsh /usr/bin/newgrp /usr/bin/write /usr/bin/cu /usr/bin/uucp /usr/bin/uuname /usr/bin/uustat /usr/bin/uux /usr/lib/emacs/20.2/i386-redhat-linux/movemail /usr/sbin/usernetctl /usr/sbin/lpc /usr/sbin/userhelper /usr/sbin/uucico /usr/sbin/uuxqt
The following programs MUST be removed, as any use of them may introduce security problems:
/usr/bin/rcp /usr/bin/rlogin /usr/bin/rsh
The following programs should have their setuid bit turned off with chmod:
/usr/X11R6/bin/XConsole /usr/X11R6/bin/rxvt /usr/X11R6/bin/seyon /usr/X11R6/bin/Xwrapper /usr/X11R6/bin/xterm /usr/X11R6/bin/xlock /usr/X11R6/bin/xosview /usr/X11R6/bin/xscreensaver /usr/X11R6/bin/nxterm /usr/bin/at /usr/bin/chage /usr/bin/gpasswd /usr/bin/emacs /usr/bin/passwd /usr/bin/procmail /usr/bin/restorefont /usr/bin/restorepalette /usr/bin/restoretextmode /usr/bin/crontab /usr/sbin/sendmail /usr/sbin/traceroute /bin/ipcalc /bin/linuxconf /bin/mount /bin/umount /bin/ping /bin/login /sbin/dump /sbin/restore /sbin/netreport /sbin/cardctl /sbin/pwdb_chkpwd
The following program may be required if remote administration is going to be done. Otherwise, it should be removed:
/bin/su
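
One way to apply and then verify the chmod step above, written as an added shell example (not part of the original page). The function names list_suid, strip_suid and unexpected_suid and the ROOT argument are hypothetical; ROOT lets the same commands run against a staging copy of the filesystem, and an empty ROOT means the live system.

```shell
#!/bin/sh
# Added example: function names and the ROOT convention are assumptions.

# list_suid ROOT
# Print every regular file under ROOT that still has the setuid bit set.
list_suid() {
    find "${1:-/}" -type f -perm -4000 -print 2>/dev/null | sort
}

# strip_suid ROOT PATH...
# Clear the setuid bit on each PATH (given as it appears in the lists above).
# Symlinks and missing files are skipped so chmod never follows a link.
strip_suid() {
    root=$1; shift
    for p in "$@"; do
        f="$root$p"
        if [ -L "$f" ] || [ ! -f "$f" ]; then
            echo "skip (missing or not a regular file): $p" >&2
            continue
        fi
        chmod u-s "$f" && echo "stripped: $p"
    done
}

# unexpected_suid ROOT KEEP...
# Print setuid files under ROOT that are not on the KEEP list, for example
# /bin/su when remote administration is required. Empty output means the
# cleanup is complete.
unexpected_suid() {
    root=$1; shift
    list_suid "$root" | while IFS= read -r f; do
        rel=${f#"$root"}
        keep=no
        for k in "$@"; do
            if [ "$rel" = "$k" ]; then keep=yes; fi
        done
        if [ "$keep" = no ]; then printf '%s\n' "$rel"; fi
    done
}
```

After removing the listed programs and running strip_suid over the chmod list, `unexpected_suid "" /bin/su` should print nothing; any path it does print is a setuid program the lists above did not cover.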