Re: essential services? ssh, nfs?

[Tyler Smith <tyler.smith@mail.mcgill.ca>]

On 2007-07-29, Jeff D <fixedored@gmail.com> wrote:
>
> the general rule of thumb, is if you dont use it, turn it off.  I'd turn 
> off almost every thing.  You can leave exim and famd on.
> to turn auth off, you can edit /etc/inetd.conf and comment out the line 
> that starts with ident.
>
> for portmap:
> update-rc.d -f portmap remove
> for rpc.statd:
> update-rc.d -f rpc.statd remove
> ssh:
> update-rc.d -f ssh remove
>
> to bind apache to the localhost, in /etc/apache2/ports.conf change the 
> Listen 80 to Listen 127.0.0.1:80, then restart apache.
>
>

Thanks Jeff, Doug, and everyone!

I purged the ssh-server, and followed Jeff's advice to remove
everything else. On rebooting now I have:

root:tyler# netstat -tap | grep LISTEN
 localhost:www           *:*                     LISTEN     4371/apache         
 localhost:smtp          *:*                     LISTEN     3331/exim4          

I don't know what happened to famd, but it's gone now. I did have to
change my bookmarks for doc-central from blackbart.mynetwork/dc to
localhost/dc, and that's working. The actual change in the apache conf
was in the file /etc/apache/httpd.conf. Other than that there were no
surprises. 

Now that I have nothing listening to the outside world, do I still
need a firewall? I have been using firestarter, but not consistently. 

Cheers,

Tyler