[NTLUG:Discuss] Basic Linux Server Questions

David Stanaway david at stanaway.net
Wed Nov 22 10:40:00 CST 2006 

Dennis Myhand wrote:
> David Stanaway wrote:
>   
>> Dennis Myhand wrote:
>>   
>>     
>>> I am putting together a web server for the students in my class.  I have 
>>> installed Debian 3.1 Testing and Apache2.2.  Before I put this out for 
>>> the world to see I want to make sure the server is as secure as I can 
>>> make it.  The server is going to be on the school network, inside our 
>>> firewall/router, but it is necessary for the web pages to be visible to 
>>> the Internet as a whole.  I have a few questions if anyone on the list 
>>> is willing to offer help.  How do I see which services are running? 
>>> Which services are essential for a web server?  Do I set up ftp for my 
>>> students to up load their pages or scp, or is there a default ftp upload 
>>> capability?  Any help will be appreciated.
>>>
>>>     
>>>       
>> Install lsof, then you can:
>> lsof -i | grep LISTEN
>>
>> You will see all the processes listening on network ports
>>
>> For a web server, the only service you need is apache, but you will also
>> need a way for people put their files up for publishing and possibly
>> editing apache config etc.
>>
>> Consider using ssh and have the students use sftp or psftp.exe or
>> filezilla's SFTP2 mode to transfer files to the webserver.
>>
>> _______________________________________________
>> http://www.ntlug.org/mailman/listinfo/discuss
>>
>>
>>   
>>     
> Okay:
>
> I ran the lsof -i | grep LISTEN
>
> and most of what showed up was associated with the apache server.  There 
> were three which were not.  One was Exim4 running smtp in LISTEN, one 
> was inetd, and one was rpc.statd.  I am not going to be ruuning e-mail 
> offthis box, nor receiving it.  What do I need to do to turn these 
> services off?  Thanks again, Dennis
>
>   


Find the service startup script names in /etc/init.d

$ ls /etc/init.d

Stop the ones you don't need

# /etc/init.d/exim4 stop
# /etc/init.d/inetd stop

then remove their links from the runlevel rc.d s

# update-rc.d -f exim4 remove
# update-rc.d -f inetd remove

You can remove the packages themselves if you like, but you might have 
difficulty for instance removing the MTA as there are dependencies on it.

More information about the Discuss mailing list