Removing services not needed - Need advice
- Inicie sesión ou rexístrese para enviar comentarios
Hello people,
So, long story short, I have been messing around a little bit trying to remove unnecessary stuff in my GNU/Linux system, especially services that are able to connect/listen on internet ports.
So far I have removed:
OpenSSH - Never access my computer remotely, so why have a program running that might be used to attack my system and NEVER be used myself?
FTP - Again, I never use FTP server in my home. Maybe I will do it one day, and if so I will reinstall it through reps, but I am sure my laptop doesn't need FTP services to be running in the background.
Avahi - This would be cool if I was using other computers in home network, or wanted to use for example a wireless printer, but as it is, I have no use for this.
Telnet - I am probably just ignorant here, but why would I want to have a program that allows remote access without the decency of encryption?
So far I have removed these. I would like to ask what other services are not needed in a laptop that is not part of any complex network, only use it to connect to the internet and my phone (through the wifi at home, phone creating the ftpserver itself), AND might be used to connect to the internet? If I am not using it, it doesn't belong in my computer, and it shouldn't be there waiting for someone to bypass my firewall, and use an exploit in that program to own my system.
Any help, much appreciated :)
Thanks in advance!
AFAIK, the ssh demon should not be enabled by default anymore (https://trisquel.info/en/issues/11188). If that is still the case you might want to open a new issue ticket.
Sorry, I am not using Trisquel for this, I am using Debian (even if I believe the services should be pretty much the same since Trisquel and Ubuntu come from Debian). I would like any help :)
While I appreciate the time you spent writing your reply, I think you misunderstood my purpose here. I am asking about services that USUALLY run in most (if not all) linux distros. Of course, some distros might have one or two slight changes, but in general services like ftp, ssh, telnet, ping, etc, are running in all linux distros. Hence, I believe this might be beneficial for people who want to try the same with Trisquel, AND, I believe I might get some usefull suggestions and contributions here. Both sides win, which is perfect for me. Since I already had an account here I choose to post it here first (might as well ask the same question there later, you have a point there).
Of course, if you think this is not worthy of being posted here, I understand you will not try to give any more help and advice. I don't want to force anyone to participate, I'm just looking for help in this small project of mine. I would still like to know which services you usually shutdown that might reduce the amount of listening your computer does on the network. Thanks for your reply in advance.
Of course, some distros might have one or two slight changes, but in general services like ftp, ssh, telnet, ping, etc, are running in all linux distros.
Trisquel does not run a FTP server by default (it only ships with a client). 'telnet' is not installed by default either. 'ping' is not a server. Trisquel 6 runs a SSH server by default but Trisquel 7 will not.
As for Debian, I do not think a NetInstall would install any server. But the Trisquel forum is not the place where to ask.
Thank you for your clarification. Making a NetInstall might be a possibility, I will look into that later.
One question regarding Trisquel, what services are listening in by default? In both Trisquel 6 and the future Trisquel 7. I remember someone once told me that only 4 services were running in default Trisquel installation (ssh server being one of them IIRC), but I couldn't find that post.
$ nmap -sV localhost
Starting Nmap 5.21 ( http://nmap.org ) at 2014-08-06 00:10 BRT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00023s latency).
Not shown: 995 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh (protocol 2.0)
53/tcp open domain dnsmasq 2.59
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
631/tcp open ipp CUPS 1.5
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port22-TCP:V=5.21%I=7%D=8/6%Time=53E19C9D%P=i686-pc-linux-gnu%r(NULL,30
SF:,"SSH-2\.0-OpenSSH_5\.9p1\x20Trisquel_GNU/linux_6\.0-1\r\n");
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 11.14 seconds
One should also see, if the services are listening for outside connections or only local ones. I use the ss -lt
command for that. As I remember, Trisquel 7 doesn't listen for anything from outside by default. The output of ss
should look like this:
Local Address:Port 127.0.0.1:ipp 127.0.0.1:9050 127.0.1.1:domain ::1:ipp
Addresses like 127.0.0.1
, 127.0.1.1
and ::1
are local addresses. Other computers can't connect to your computer using these address:ports.
With sudo ss -ltp
you can see which processes are listening on each port, if you want to stop them. For example, 127.0.0.1:ipp
is cups
. You can use sudo stop cups
to stop the service.
Thanks everyone for your comments. Good help indeed, I had forgotten about nmap :P
Thanks!
How come that in the "Trisquel users" it indicates that a new post was made here by "steve002" but I can't find that here???
That was a spam post: https://trisquel.info/en/issues/4206?page=13.
- Inicie sesión ou rexístrese para enviar comentarios