Disabling services question
in [General Linux]
|
Prev: NYC LOCAL: Wednesday 4 August 2010 NYCBUG: Ivan Ivanov on Examples in Cryptography with OpenSSL
Next: For which type of Linux distro are *.bin install packages?
From: Andrew on 4 Aug 2010 16:05 I've been turning off unnecessary services on a small server and ran into a couple that were confusing. 1. nmap listed a service running on several ports titled simply 'status'. This being a difficult term to get useful google results out of, I am trying to find out exactly what it is. Can anyone enlighten me? 2. smtp is running on port 25. I do not at present intend to send mail through this server, but I'm hesitant to turn it off; I seem to recall that local mail is used by several aspects of linux and that closing it may cause problems for other stuff. So, a question: If I shut smtp off, what is that likely to break? nmap output below if it's useful. PORT STATE SERVICE VERSION 25/tcp open smtp Exim smtpd 4.72 53/tcp open domain ISC BIND 9.7.0-P1 80/tcp open http Apache httpd 2.2.15 ((Debian)) 111/tcp open rpcbind | rpcinfo: | 100000 2 111/udp rpcbind | 100003 2,3,4 2049/udp nfs | 100024 1 38801/udp status | 100021 1,3,4 44572/udp nlockmgr | 100005 1,2,3 45685/udp mountd | 100000 2 111/tcp rpcbind | 100003 2,3,4 2049/tcp nfs | 100024 1 42587/tcp status | 100021 1,3,4 45846/tcp nlockmgr |_ 100005 1,2,3 60446/tcp mountd 445/tcp open netbios-ssn Samba smbd 3.X 631/tcp open ipp CUPS 1.4 953/tcp open rndc? 2049/tcp open rpcbind 5432/tcp open postgresql PostgreSQL DB 42587/tcp open rpcbind 45846/tcp open rpcbind 49152/tcp open upnp MediaTomb UPnP 0.12.0
From: Aragorn on 4 Aug 2010 16:51 On Wednesday 04 August 2010 22:05 in comp.os.linux.misc, somebody identifying as Andrew wrote... > I've been turning off unnecessary services on a small server and ran > into a couple that were confusing. > > 1. nmap listed a service running on several ports titled simply > 'status'. This being a difficult term to get useful google results out > of, I am trying to find out exactly what it is. Can anyone enlighten > me? [04:39:12][localhost:/home/aragorn] [aragorn] $> apropos status cups-lpd (8) - receive print jobs and report printer status to lpd clients Curses::UI::Dialog::Status (3pm) - Create and manipulate status dialogs HTTP::Status (3pm) - HTTP Status code processing iecset (1) - Set or dump IEC958 status bits ifplugstatus (8) - A link beat detection tool lpq [lpq-cups] (1) - show printer queue status lpstat [lpstat-cups] (1) - print cups status information mii-tool (8) - view, manipulate media-independent interface status ntpstat (1) - show network time synchronisation status ocsp (1) - Online Certificate Status Protocol utility pppoe.conf [pppoe] (5) - Configuration file used by pppoe - start(8), pppoe - stop(8), pppoe-status(8) and pppoe-connect(8) pppoe-status (8) - Shell script to report on status of PPPoE link skill (1) - send a signal or report process status smbstatus (1) - report on current Samba connections snice [skill] (1) - send a signal or report process status stat (1) - display file or file system status I would suggest that, if all else fails, you would locate the binary and check its /man/ page. :p > 2. smtp is running on port 25. I do not at present intend to send mail > through this server, but I'm hesitant to turn it off; I seem to recall > that local mail is used by several aspects of linux and that closing > it may cause problems for other stuff. So, a question: If I shut smtp > off, what is that likely to break? It is possible that one of the websites running off of your machine requires an SMTP server. Without knowing what the machine is doing and what kinds of websites it is running, it is probably safest for me to advise you to keep the SMTP running. -- *Aragorn* (registered GNU/Linux user #223157)
From: The Natural Philosopher on 4 Aug 2010 16:55 Aragorn wrote: > On Wednesday 04 August 2010 22:05 in comp.os.linux.misc, somebody > identifying as Andrew wrote... > >> I've been turning off unnecessary services on a small server and ran >> into a couple that were confusing. >> >> 1. nmap listed a service running on several ports titled simply >> 'status'. This being a difficult term to get useful google results out >> of, I am trying to find out exactly what it is. Can anyone enlighten >> me? > > [04:39:12][localhost:/home/aragorn] > [aragorn] $> apropos status > cups-lpd (8) - receive print jobs and report printer status > to lpd clients > Curses::UI::Dialog::Status (3pm) - Create and manipulate status dialogs > HTTP::Status (3pm) - HTTP Status code processing > iecset (1) - Set or dump IEC958 status bits > ifplugstatus (8) - A link beat detection tool > lpq [lpq-cups] (1) - show printer queue status > lpstat [lpstat-cups] (1) - print cups status information > mii-tool (8) - view, manipulate media-independent interface > status > ntpstat (1) - show network time synchronisation status > ocsp (1) - Online Certificate Status Protocol utility > pppoe.conf [pppoe] (5) - Configuration file used by pppoe - start(8), > pppoe - stop(8), pppoe-status(8) and pppoe-connect(8) > pppoe-status (8) - Shell script to report on status of PPPoE > link > skill (1) - send a signal or report process status > smbstatus (1) - report on current Samba connections > snice [skill] (1) - send a signal or report process status > stat (1) - display file or file system status > > I would suggest that, if all else fails, you would locate the binary and > check its /man/ page. :p > >> 2. smtp is running on port 25. I do not at present intend to send mail >> through this server, but I'm hesitant to turn it off; I seem to recall >> that local mail is used by several aspects of linux and that closing >> it may cause problems for other stuff. So, a question: If I shut smtp >> off, what is that likely to break? > > It is possible that one of the websites running off of your machine > requires an SMTP server. Without knowing what the machine is doing and > what kinds of websites it is running, it is probably safest for me to > advise you to keep the SMTP running. > unfortunately, you need to keep a daemon running even for 'send only' because it will flush the mail queues of stuff that fails to go instantly, and retry it. You can run e.g. sendmail under a cron script to do the same however.
From: mjt on 4 Aug 2010 17:19 On Wed, 4 Aug 2010 16:05:33 -0400 Andrew <none(a)none.com> wrote: > 1. nmap listed a service running on several ports titled simply > 'status'. "status" is a function of NFS - it's the network status monitor > This being a difficult term to get useful google results out of Use "http://www.google.com/linux" for more accurate "Linux" searches -- Ambition is a poor excuse for not having sense enough to be lazy. - Charlie McCarthy <<< Remove YOURSHOES to email me >>>
From: J G Miller on 4 Aug 2010 17:36
On Wednesday, August 4th, 2010, at 16:19:15h -0500, Mjt explained: > > "status" is a function of NFS - it's the network status monitor Indeed. man statd The rpc.statd server implements the NSM (Network Status Monitor) RPC protocol. This service is somewhat misnamed, since it doesn't actually provide active monitoring as one might suspect; instead, NSM implements a reboot notification service. It is used by the NFS file locking ser- vice, rpc.lockd, to implement lock recovery when the NFS server machine crashes and reboots. It is *not* needed for NFSv4. |