Hi, I'm working through the security quick start how to, and I'm not clear on what services are required and which ones I can safely remove. I'm running a single laptop, which I connect to the net via wireless at home or at cafes, and via an ethernet cable at work.
1) I never login remotely, so I think I can safely do away with openssh-server? tcp6 *:ssh *:* LISTEN 3026/sshd 2) The how-to suggests that for my setup I don't need anything to do with NFS - netstat reports rpc.statd and portmap as listening. Can I just purge nfs-common and portmap? tcp *:37381 *:* LISTEN 2603/rpc.statd tcp *:sunrpc *:* LISTEN 2578/portmap 3) I have apache installed as a dependency of doc-central. netstat shows it to be listening to all interfaces. Is there a way to set it to listen only for local connections? I don't understand this very well, but it seems I shouldn't need to listen to anyone from the outside to connect to my docs. tcp *:www *:* LISTEN 3826/apache 4) The only remaining listeners I have are: tcp localhost:929 *:* LISTEN 3721/famd tcp *:auth *:* LISTEN 3661/inetd tcp localhost:smtp *:* LISTEN 3385/exim4 What is auth? Since famd and exim4 are only listening to localhost, can I conclude they are not a security risk? Thanks for your help, Tyler -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
