There are other services and daemons that you can turn off to improve boot times and just manage the basic clutter. On Sun, 05 Sep 2004 18:58:23 -0500, John Thompson <johnthompson@xxxxxxxxxx> wrote: > Greg Lobring wrote: > > > While I am fairly adept at making sure the services on my Windows box > > are only the ones I need, I am not so learned for Linux. I use my > > Fedora pc for email (Ximian), surfing (Firefox/Mozilla) and chatting > > (Gaim). I am not using it as a mail server, ftp server, ssh server, or > > file server of any sort. So my question is, what should/should not be > > running to cut down on security risks? I think I was successful on not > > running sendmail, but what else? Here are the current results from > > chkconfig --list, any of these that I would be well off to disable? > > Is this a stand-alone machine not acting as a server/gateway/whatever > for other machines on a LAN? > > > ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > network 0:off 1:off 2:on 3:on 4:on 5:on 6:off > > psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off > > snmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > mdmpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off ^^^^^^^ Multi-path support (ie RAID), no need if you don't have a RAID array. > > portmap 0:off 1:off 2:off 3:on 4:on 5:on 6:off > ^^^^^^^ > If you're not using NFS you don't need this. > > > rpcidmapd 0:on 1:off 2:off 3:on 4:off 5:on 6:on > > yum 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > readahead_early 0:off 1:off 2:off 3:off 4:off 5:on 6:off > > messagebus 0:off 1:off 2:off 3:on 4:on 5:on 6:off > > smartd 0:off 1:off 2:on 3:on 4:on 5:on 6:off > > anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off > > rhnsd 0:off 1:off 2:off 3:on 4:on 5:on 6:off ^^^^^^^ Daemon for response to the up2date. If you only use yum or apt, can be disabled. > > kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off > > isdn 0:off 1:off 2:on 3:on 4:on 5:on 6:off ^^^^^^^ If you aren't using isdn, no need for the services for that. > > crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off > > sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off ^^^^^^^^ Since you aren't won't be accessing this PC remotely, no need for this. > > syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off > > nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off > ^^^^^^^ > If you're not using NFS you don't need this. > > > rawdevices 0:off 1:off 2:off 3:on 4:on 5:on 6:off > > nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off > ^^^ > Looks like nfs is disabled already. May as well disable the rest of the > NFS stuff. > > > acpid 0:off 1:off 2:off 3:on 4:on 5:on 6:off > > rpcgssd 0:on 1:off 2:off 3:on 4:off 5:on 6:on > ^^^^^^^ > More NFS stuff it doesn't appear you need. > > > vncserver 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > microcode_ctl 0:off 1:off 2:off 3:on 4:on 5:on 6:off ^^^^^^^^^ Only needed if you run an Intel chip. > > sendmail 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > autofs 0:off 1:off 2:off 3:on 4:on 5:on 6:off > > readahead 0:off 1:off 2:off 3:off 4:off 5:on 6:off > > netplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off > > gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off > > random 0:off 1:off 2:on 3:on 4:on 5:on 6:off > > irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off > > lisa 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off > > mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off ^^^^^^^ Multi-path service. Used with a RAID array. > > winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off > > pcmcia 0:off 1:off 2:on 3:on 4:on 5:on 6:off Only needed on a laptop. > > rpcsvcgssd 0:on 1:off 2:off 3:on 4:off 5:on 6:on > ^^^^^^^^^^ > More NFS stuff. > > > irda 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off > ^^^^^ > If you're not mounting Windows SMB or Netware filesystems, you don't > need this. > > > xfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off > > apmd 0:off 1:off 2:on 3:on 4:on 5:on 6:off Only needed on a laptop. > > netdump 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > snmpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off > > atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off > > xinetd based services: > > echo-udp: off > > time: off > > time-udp: off > > daytime-udp: off > > echo: off > > ktalk: off > > chargen: off > > rsync: off > > cups-lpd: off > > daytime: off > > sgi_fam: on > > chargen-udp: off > > services: off > > > > > > -- > > -John (john@xxxxxxxxxxx) > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list >
