[CentOS] Looking for a list of default services to disable in centos 5
spiro at knossos.net.nz
Wed Mar 25 21:39:55 UTC 2009
> I am looking for a list of services that you disable by default on
> your server.
what kind of server? smtp server? pop/imap server? proxy server? web
server? ftp server? logging server? voip gateway? firewall? rpm build
box? swipe card reader server? development/source repo server? LDAP,
or are you looking for a set of things that we disable by default on
all servers? At which point I question your choice of removing sendmail
(unless you're replacing it with something like exim or postfix)
because most servers need to send mail, even if it's just to alert you
when a cron job has barfed.
personally I disable, or don't install SE Linux, Network Manager (with
extreme prejudice), and anything to do with wireless/bluetooth, and X
on every single server.
From there it depends on what the server is doing.
We've got a Kickstart server and boot off USB sticks and CDs that
allow us to pick generic build types off a menu (eg; web server, smtp
server, mail storage server, etc). The kickstart config just pulls down
the packages we want, a few scripts get run doing various things like
updating all packages, setting up our distributed config system,
installing custom packages, and so on.
However, I don't see the usefulness in seeing what other people
disable. Everybody has different networks, different requirements, and
does different things on their boxes. What you should be doing is
looking at *your* servers and itemising what they do. Then remove all
packages that are not needed to provide those services.
Spiro Harvey Knossos Networks Ltd
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: not available
Url : http://lists.centos.org/pipermail/centos/attachments/20090326/ecd7586e/attachment.bin
More information about the CentOS