Warren has a nice page at
<http://www.mplug.org/phpwiki/index.php/DisablingLinuxServices> about what
services to turn off after you install redhat. Unfortunately it is obsolete
(says to use linuxconf, which is no longer part of the distro). I've been
googling around trying to update it myself, but I'm in a bit over my head. If
you guys give me a sanity check, I'll go ahead & update the page.
I'm assuming we'd use chkconfig instead of linuxconf (or maybe ntsysv?).
Here's some of the services chkconfig lists on one of my systems, with comments
and questions. Some of this was cribbed from posts to comp.os.linux.questions.
keytable Loads keyboard map. on
atd related to crond, on.
syslog for system logging, on.
gpm Console mouse handler. If you never do console, you may not
need it.
sendmail for sending mail, not needed if you always use your ISP's smtp
server. off.
kudzu recognizes hardware at startup. Is there a way to turn it off
later? Is that a good idea?
netfs supposed to automount nfs and smbfs shares, on if you want?
network networking. on.
random has to do with random number generation, on.
rawdevices no idea, on.
apmd Advanced power management daemon. For laptops and Green
machines.
ipchains iptables firewall stuff, one or other on. Actually my system has
both on, a problem?
crond handles background/timed job scheduling. on.
anacron Runs cron jobs that were lost during downtime. Useful on
laptops and machines that aren't up all the time
lpd on if you have a printer, otherwise off.
ntpd network time protocol daemon, has been a security hole,
probably off.
portmap required for samba or NFS, I forget.
xfs X Font Server. If you're running a standalone system Running X
Window
System, you may need it.
xinetd long story, off probably.
rhnsd red hat network, on if you use it.
autofs no idea
nfs old style unix file sharing (network file system). On if you
use it.
nfslock see nfs?
nscd no idea
identd Identifies you to IRC servers, from what I can tell. Known
security problem; disable if you don't IRC.
radvd no idea
snmpd Simple Network Management Protocol. For big networks of many
machines. Disable.
snmptrapd see snmpd.
isdn no idea
sshd on! secure shell.
vncserver no idea
yppasswdd ypserv ypxfrd samba?
winbind no idea
smb samba - on if you use it.
arpwatch Keeps track of ethernet/ip pairings and logs activites. Safe to
disable,
you will know when/if you want/need it.
xinetd based services:
chargen-udp: off
chargen: off
daytime-udp: off
daytime: off
echo-udp: off
echo: off
services: off
servers: off
time-udp: off
time: off
sgi_fam: on
rsh: off
talk: off
kotalk: off
ktalk: off
finger: off
rexec: off
rlogin: off
ntalk: off
telnet: off
rsync: off
wu-ftpd: off
all xinetd services seem to be off on this box, except sgi-fam, whatever that
is.
Send comments and I'll try to put them into the page. Or I guess you guys could
edit it directly.
Dave
