LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-19-2003, 06:57 PM   #1
Arisen Sun
LQ Newbie
 
Registered: Mar 2003
Posts: 7

Rep: Reputation: 0
What services should I not run?


I currently have my Linux box running as a firewall with NAT using Firestarter. I am wondering if there is any services that I dont need to have running. I am using Redhat 8.0 with Gnome. The only services that I need to run are what is needed to use the firewall and nat. I dont need any FTP or mail services. I am very new at this, and I'm not sure what all of this stuff is...all though, I did get everything setup and running on my own as a first time Linux user.


This is what I having running:

-- System Configuration --

Anacron
APMD
ATD
AUTOFS
Firestarter
GPM
ISDN
Keytable
Kudzu
Netfs
Network
NFSLock
PCMCIA
Portmap
Random
Rawdevices
Rhnsd
Sendmail
Sgi_fam
sshd
Syslog
XineTd

-- System Monitor --
atd
bdflush
bonobo_activation_server
crond
dhclient
firestarter
gconfd-2
gdm-binary
x
gnome session
ssh-agent
gnome panel
gnome-settings daemon
gnome-system-monitor
gpm
init
keventd
kjournalald
klogd
kswapd
kupdated
magicdev
mingetty
mozilla-bin
netstat
nautilus
nautilus-text-view
nautilus-throbber
pam-panel-icon
pam_timestamp_check
portmap
rhnsd
rpc.statd
sendmail
syslogd
xfs
xinetd
fam
python
metacity
mdrecoveryd
ksoftirqd_cpu0
--

Thanks!!
 
Old 03-19-2003, 10:01 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
I would definitely turn off the following services:
portmap
sshd
sendmail

I would probably turn off:
apmd -> unless your running on a laptop
atd
isdn -> unless you have an isdn internet connection
netfs -> unless mounting network shares
nfslock -> unless mounting network shares
pcmcia -> unless you have pcmcia cards

I recommend turning off xinetd. Unless you want to specifically run services through it, you don't really need it.

login as root and use: chkconfig --level 2345 servicename off to turn off each service you don't want. Once your done reboot and use netstat -la to see what services are still up and listening. You can be extra careful and run nmap against yourself as well.

As far as securing your linux box: the fewer services you run the better. The more unnecessary services, the greater the chance is that someone will exploit them.
 
Old 03-19-2003, 11:20 PM   #3
nakkaya
LQ Guru
 
Registered: Jan 2003
Location: Turkey&USA
Distribution: Emacs and linux is its device driver(Slackware,redhat)
Posts: 1,398

Rep: Reputation: 45
iptables
keytable
network
xfs

in my machine only there are open
 
Old 03-20-2003, 11:26 AM   #4
Arisen Sun
LQ Newbie
 
Registered: Mar 2003
Posts: 7

Original Poster
Rep: Reputation: 0
Thank you very much for your assistance! I shut down these services, as I have no need to run them and it will help mantain the security of my box.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Is it possible to run Messenger services in Multiterminal PC dianuj Red Hat 3 08-19-2005 09:45 AM
Services run at boot-up vincebs Ubuntu 3 05-09-2005 10:00 AM
Which services to run and which to remove on a server? emilioestevezz Linux - Networking 1 09-16-2004 12:15 PM
How do I run commands at startup? Like Services in Windows defubar Linux - Newbie 4 02-02-2004 10:57 AM
Run Commands for Services & Mount AceTech747 Red Hat 5 12-22-2003 10:25 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:34 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration