Linode Forum
Linode Community Forums
 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic
Author Message
 Post subject: Disable Unused Services
PostPosted: Sat Jun 30, 2012 6:54 pm 
Offline
Newbie

Joined: Sat Jun 30, 2012 6:39 pm
Posts: 3
I'm new to Linode and web servers and Linux in general. I've been working through the Linode Library and other online guides.

I'm stuck on the "Disable Unused Services" section in the Linode Library. Whereas other portions of the Linode Library guides have been rather detailed, this section doesn't help a newbie like myself very much.

I see the instructions for installing htop. But after I do that...

1. What command do I use to see all processes currently running?

2. How can I determine which of these services are necessary for my purposes and which can be disabled? (For the record, I basically just want to run some WordPress websites on my linode.)

3. According to the Library guide, "Please note that services that are configured to start at system boot will run again should you reboot your server, so it may be safer to disable them from automatically starting using your distribution's particular method for doing so." What is Ubuntu 12.04's particular method for doing so?

I am generally opposed to starting new forum topics, so I searched through this forum and the rest of the Internet for answers to these questions. While I found some information on other websites, I couldn't tell if the instructions given there were geared toward a setup like a linode and none of the instructions I found answered all of these questions.

Thanks.


Top
   
PostPosted: Sun Jul 01, 2012 3:18 am 
Offline
Senior Member

Joined: Fri Feb 17, 2012 8:20 pm
Posts: 365
1. With htop you can see the processes. However, what you want to know is your listening processes. For this you can use netstat. eg. netstat -tulpe
Look at the processes in a listening state. Make sure your terminal window is big enough stuff fit's on a single line. You'll also see the program name and PID on the end, so the stuff that is not needed can be disabled. Normally this is /etc/init.d/<program name> stop
2. You'll probably only want Apache/Nginx/Mysql/PHP/SSH/exim(or whatever you use for mail) in a listening state.
3. update-rc.d -f <name> remove (or disable)
The <name> part is how it is listed in /etc/init.d/


Top
   
PostPosted: Sun Jul 01, 2012 4:03 am 
Offline
Senior Member
User avatar

Joined: Sun Dec 27, 2009 11:12 pm
Posts: 1038
Location: Colorado, USA
Kyle wrote:
1. What command do I use to see all processes currently running?
Google

Kyle wrote:
2. How can I determine which of these services are necessary for my purposes and which can be disabled?
Google

Kyle wrote:
3. What is Ubuntu 12.04's particular method for doing so?
Google

Just kidding :lol: (more or less)

But for general linux questions, it's quicker just to google them.

_________________
Either provide enough details for people to help, or sit back and listen to the crickets chirp.
Security thru obscurity is a myth - and really really annoying.


Top
   
PostPosted: Sun Jul 01, 2012 4:57 am 
Offline
Senior Member

Joined: Sun Mar 07, 2010 7:47 pm
Posts: 1970
Website: http://www.rwky.net
Location: Earth
Nuvini wrote:
1. With htop you can see the processes. However, what you want to know is your listening processes. For this you can use netstat. eg. netstat -tulpe
Look at the processes in a listening state. Make sure your terminal window is big enough stuff fit's on a single line. You'll also see the program name and PID on the end, so the stuff that is not needed can be disabled. Normally this is /etc/init.d/<program name> stop
2. You'll probably only want Apache/Nginx/Mysql/PHP/SSH/exim(or whatever you use for mail) in a listening state.
3. update-rc.d -f <name> remove (or disable)
The <name> part is how it is listed in /etc/init.d/


And ntpd you'll want that running too :)

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue


Top
   
PostPosted: Sun Jul 01, 2012 6:08 am 
Offline
Senior Member

Joined: Fri Feb 17, 2012 8:20 pm
Posts: 365
obs wrote:
Nuvini wrote:
1. With htop you can see the processes. However, what you want to know is your listening processes. For this you can use netstat. eg. netstat -tulpe
Look at the processes in a listening state. Make sure your terminal window is big enough stuff fit's on a single line. You'll also see the program name and PID on the end, so the stuff that is not needed can be disabled. Normally this is /etc/init.d/<program name> stop
2. You'll probably only want Apache/Nginx/Mysql/PHP/SSH/exim(or whatever you use for mail) in a listening state.
3. update-rc.d -f <name> remove (or disable)
The <name> part is how it is listed in /etc/init.d/


And ntpd you'll want that running too :)


True. Except when leap seconds occur :mrgreen:


Top
   
PostPosted: Wed Jul 04, 2012 1:14 am 
Offline
Newbie

Joined: Sat Jun 30, 2012 6:39 pm
Posts: 3
First, thank you all for the help. I really do appreciate it.

Nuvini wrote:
However, what you want to know is your listening processes.

I thought the goal was to disable all running processes that aren't being used in order to free system resources and remove potential security vulnerabilities. What's the reason for only wanting to know listening processes?


Top
   
PostPosted: Wed Jul 04, 2012 3:21 am 
Offline
Senior Member

Joined: Fri Feb 17, 2012 8:20 pm
Posts: 365
If they want to abuse the running processes that aren't listening they first need to get in your system. So the first thing is to disable those listening services, reducing the potential points where they can get in.

Then while personally I don't think someone is gonna abuse processes like that once they're on your system, it's possible. Still, it depends on what you have running and installed. (e.g. Anacron can usually be disabled if it's running)


Top
   
PostPosted: Mon Jul 09, 2012 10:58 pm 
Offline
Senior Newbie

Joined: Fri May 04, 2012 11:03 pm
Posts: 12
I tried running netstat -tulpe and none of the processes listed show a Program Name, they are all just '-'.


Top
   
PostPosted: Mon Jul 09, 2012 11:04 pm 
Offline
Sysop

Joined: Sat Nov 27, 2010 3:32 am
Posts: 180
Website: https://blog.timheckman.net/
Location: San Francisco, CA
Did you run the command as root?

-Tim

_________________
'If debugging is the process of removing bugs, then programming must be the process of putting them in.' //Edsger Dijkstra
'Nothing is withheld from us which we have conceived to do.' | 'Do things that have never been done.' //Russell Kirsch


Top
   
PostPosted: Tue Jul 10, 2012 12:01 am 
Offline
Senior Newbie

Joined: Fri May 04, 2012 11:03 pm
Posts: 12
I did not, works now :) I seem to have 8 instances of ntpd running on udp and udp6.. can those be removed?


Top
   
PostPosted: Tue Jul 10, 2012 12:11 am 
Offline
Sysop

Joined: Sat Nov 27, 2010 3:32 am
Posts: 180
Website: https://blog.timheckman.net/
Location: San Francisco, CA
NTP is definitely needed to keep your clock synchronized with the rest of the world.

-Tim

_________________
'If debugging is the process of removing bugs, then programming must be the process of putting them in.' //Edsger Dijkstra
'Nothing is withheld from us which we have conceived to do.' | 'Do things that have never been done.' //Russell Kirsch


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group