Quick thought on remaining services?

T

tony1234

Verified User
Joined
Jul 25, 2005
Messages
71
Just a quick moment of your time. I am partially through setting up my server security and now need to decide what services I should turn off. Here is a list of ones "on" using chkconfig, which is what I am down to now. Which of these are good candidates (if any) to shut down? I only added apf and already wrapped imap to my local server, plus have done all the SSH hardening (2, different port, no root login), now I just need to shut off any remaining here that are not needed. Thought a few quick thoughts from the gurus would help speed this up. (I will return the favor someday !!!) Thanks, Tony.

sshd
network
crond
acpid
da-popb4smtp
directadmin
cpuspeed
xinetd
atd
mysqld
apmd
haldaemon
iiim
ntpd
rawdevices
apf
exim
irqbalance
syslog
kudzu
vm-pop3d
iptables
startips
smartd
anacron
proftpd
messagebus
httpd
imapd
 
Any input of if any of these are BAD would be helpful. I know some of them are fine, so just any comments on if any are BAD would help. Like haldaemon, etc, never heard of some of them like that.
 
I think the reason none of us has responded is probably the reason I haven't.

Since you didn't tell us what any of these do, and since most of us (I'd bet) wouldn't remember what all of them do, we don't want to tell you which ones to delete and end up being responsible for breaking your server.

And neither do we want to look up all of them for you; you could do that yourself.

Jeff
 
Well, I didn't expect anyone to look them up, just with the amount of knowledge here I figured if any were bad it would jump out at someone, that's all I expected. And I would have confirmed before removing. But I need to remember to be careful and specific here with so many tell me everything questions I see. I will remember. Thanks for the reply.
 
Since no one has replied, I guess it's up to you to decide.

Here's the first four, as much as I know:

sshd
sshd is required since you can't log in to your server remotely without it.

network
network is required; without it your system won't be able to connect to the Internet.

crond
crond is required to be able to run cronjobs, including the cronjobs the system needs to run to manage itself.

acpid
I had no idea what it is so I googled it. I found out it's a daemon to react to acpi. I already knew what acpi is, so I didn't have to google it. I don't run acpi on servers, I don't believe in it, so my system didn't even load acpid. I googled "acpid vulnerability" (without the quotes) and discovered there have been some vulnerabilities. I wouldn't run it if I were you, but I have no idea if you've got acpi turned on in the bios or not, and I have no idea if you need it. So I have no idea if stopping it or removing it would break your server.

Jeff
 
In which case you've left out some important ones I mentioned, and some I didn't; for example: xinetd (without it a lot of things won't work), and smartd, which monitors your drives.

I stand by my thought that it's not a good idea for any of us to make the decisions for anyone else.

Jeff
 
You must log in or register to reply here.
Back
Top