Support > About cybersecurity > Stop and disable unnecessary services in the Linux system
Stop and disable unnecessary services in the Linux system
Time : 2024-12-16 13:50:13
Edit : Jtti

During the installation of the Linux operating system, some unwanted software packages and applications are automatically installed without the user's knowledge. Unwanted applications or servers are installed by default during the operating system, consuming system resources. Using servers We build servers according to our plans and requirements, and recommend uninstalling or disabling useless programs or services in order to achieve more efficient system operation.

Start by knowing what types of services are running on your system with the following command:

[avishek@tecmint]# ps ax

Such as:

PID TTY      STAT   TIME COMMAND

2? S      0:00 [kthreadd]

3? S      0:00  \_ [migration/0]

4? S      0:09  \_ [ksoftirqd/0]

5? S      0:00  \_ [migration/0]

6? S      0:24  \_ [watchdog/0]

7? S      2:20  \_ [events/0]

8? S      0:00  \_ [cgroup]

9? S      0:00  \_ [khelper]

10? S      0:00  \_ [netns]

Eleven? S      0:00  \_ [async/mgr]

12? S      0:00  \_ [pm]

13? S      0:16  \_ [sync_supers]

14? S      0:15  \_ [bdi-default]

15? S      0:00  \_ [kintegrityd/0]

16? S      0:49  \_ [kblockd/0]

17? S      0:00  \_ [kacpid]

18? S      0:00  \_ [kacpi_notify]

19? S      0:00  \_ [kacpi_hotplug]

20? S      0:00  \_ [ata_aux]

21? S     58:46  \_ [ata_sff/0]

Twenty-two? S      0:00  \_ [ksuspend_usbd]

23? S      0:00  \_ [khubd]

24? S      0:00  \_ [kseriod]

...

Then run the netstat command to quickly view the process that receives the connection port:

[avishek@howtoing]# netstat -lp

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   

tcp        0      0 *:31138                     *:*                         LISTEN      1485/rpc.statd      

tcp        0      0 *:mysql                     *:*                         LISTEN      1882/mysqld         

tcp        0      0 *:sunrpc                    *:*                         LISTEN      1276/rpcbind        

tcp        0      0 *:ndmp                      *:*                         LISTEN      2375/perl           

tcp        0      0 *:webcache                  *:*                         LISTEN      2312/monitorix-http

tcp        0      0 *:ftp                       *:*                         LISTEN      2174/vsftpd         

tcp        0      0 *:ssh                       *:*                         LISTEN      1623/sshd           

tcp        0      0 localhost:ipp               *:*                         LISTEN      1511/cupsd          

tcp        0      0 localhost:smtp              *:*                         LISTEN      2189/sendmail       

tcp        0      0 *:cbt                       *:*                         LISTEN      2243/java           

tcp        0      0 *:websm                     *:*                         LISTEN      2243/java           

tcp        0      0 *:nrpe                      *:*                         LISTEN      1631/xinetd         

tcp        0      0 *:xmltec-xmlmail            *:*                         LISTEN      2243/java           

tcp        0      0 *:xmpp-client               *:*                         LISTEN      2243/java           

tcp        0      0 *:hpvirtgrp                 *:*                         LISTEN      2243/java           

tcp        0      0 *:5229                      *:*                         LISTEN      2243/java           

tcp        0      0 *:sunrpc                    *:*                         LISTEN      1276/rpcbind        

tcp        0      0 *:http                      *:*                         LISTEN      6439/httpd          

tcp        0      0 *:oracleas-https            *:*                         LISTEN      2243/java         

...

In the output above, you can see that some unwanted applications are still running on the server.

smbd and nmbd are daemons for Samba. These processes may not be necessary if you do not need to access Samba shares on other devices. You can safely stop them and prevent them from running automatically when the system starts. Telnet is used for two-way interactive text communication over the Internet or local area network. This process can be closed from startup if not needed.

For remote logins, if you do not need to log in to another host over the network, you can terminate and disable self-booting at startup.

Rexec is a remote process execution that can run shell commands on the user's remote server. If this function is not needed, you can terminate the process.

FTP belongs to the Internet file transfer protocol, if you do not use the Internet to transfer from one host to another host can stop the service.

For automatic mounting, if you do not need to automatically mount different files to start the network file system, you can disable the automatic startup of the system to avoid occupying too many system resources.

Whether to run the name server? If not, disable the process to reduce resource consumption and disable its startup function.

Lpd is a printer daemon. It is used only when the print server function is used. You can disable it if it is not needed to prevent system resources from being consumed by it.

If you're running a standalone application (such as ssh) that uses other standalone applications (such as Mysql, Apache, and so on), you don't need inetd. It is best to terminate the process and disable it from starting automatically the next time.

portmap is an open network computing remote Procedure call (ONC RPC) that uses the daemons rpc.portmap and rpcbind. If these processes are running, it means you are running the NFS server. If the NFS server is running unnoticed, it means that your system resources are being consumed unnecessarily.

To terminate a running process in Linux, run the "Kill PID" command. However, before we can run the Kill command, we must know the PID of the process. For example, you want to find the PID of the cupsd process.

[avishek@howtoing]# ps ax | grep cupsd

1511? SS 0:00 cupsd -C /etc/cups/cupsd.conf

The PID of the cupsd process is 1511. To terminate the PID, run the following command.

[avishek@howtoing]#kill -9 1511

In Red Hat-based distributions such as Fedora and CentOS, a script named "chkconfig" is used to enable and disable services running in Linux.

For example, let's disable the Apache Web server when the system starts.

[avishek@howtoing]# chkconfig httpd is closed

[avishek@howtoing]# chkconfig httpd --del

In Debian-based distributions, such as Ubuntu, Linux Mint, and other Debian-based distributions, use a script called update-rc.d.

For example, to disable the Apache service at system startup, run the following command. The -f option here indicates force.

[avishek@tecmint] # update-rc. d-f apache2 Delete

After these changes, the system will not need these unnecessary processes the next time it starts up, which will actually save our system resources, and the server will be more useful, fast, and secure.

Relevant contents

Manage user/group and file permissions/properties and sudo access in Linux Linux converts files to UTF-8 encoding This section describes how the Lynis tool performs security assessment on a Linux system Different uses of the Column command in Linux Teleconsole enables multiple people to share a linux terminal How to set recording and replaying linux terminal sessions Recursive search and delete directories in Linux Monitor Linux server and process indicators using a browser How to list all files by size in Linux bmon, a Linux tool for network bandwidth monitoring and debugging
Go back

24/7/365 support.We work when you work

Support
JTTI-Defl JTTI-COCO JTTI-Selina JTTI-Ellis JTTI-Eom