redhat packages I can safely remove
 

Hello-

I'm mostly a Windows admin (don't hate), and I recently inherited management of a RedHat 5.x server that provides sftp and https services. I'd like to rip out everything that's not needed to support these two functions, especially things that may have vulnerabilites.

Can I remove cups, samba and nfs related packages without affecting the two services this box provides?

Got any suggestions for other superfluous packages that could/should be removed? DHCP? DNS?

thanks

You can start out by stopping the services that you wish to remove to see if anything else failes to function properly.

For instance disable cups and see if anything goes wrong, who knows, maybe some user somewhere prints through the server.

The startup scripts are in /etc/init.d and can be stopped like so
Or disabled with:
smb is the samba server in the above examples.

Almost forgot, to change firewall rules from terminal
or in x from graphical display

As root
repeat for each candidate and let it run for a week, in case there are eg end of week special jobs.
Get the service name from chkconfig/ntsysv below.

Next
permanently turns it off, even after a reboot.
http://linux.die.net/man/8/chkconfig

You can get a list of all services
For a pseudo GUI, try ntsysv http://linux.die.net/man/8/ntsysv

You'll want to bookmark this http://www.linuxtopia.org/online_boo...ion/index.html

You're going to want to understand the yum cmd http://linux.die.net/man/8/yum to keep the system updated.
Try to avoid using rpm cmd http://linux.die.net/man/8/rpm for updating, as this does NOT handle dependencies; that's what yum is for :)

PS: you might want to get a copy of Centos (a free rebuild of RHEL) at home to familiarize yourself.

Welcome to LQ :)