New thread title: Am I running any unnecessary services?

[GTaudiophile]

Lastly, looking at my "Task Manager", is there anything here I should not be running?

UID PID PPID C STIME TTY TIME CMD
root 1 0 0 00:18 ? 00:00:01 init [2]
root 2 1 0 00:18 ? 00:00:00 [ksoftirqd/0]
root 3 1 0 00:18 ? 00:00:00 [events/0]
root 4 1 0 00:18 ? 00:00:00 [khelper]
root 5 1 0 00:18 ? 00:00:00 [kthread]
root 7 5 0 00:18 ? 00:00:00 [kacpid]
root 71 5 0 00:18 ? 00:00:00 [kblockd/0]
root 95 5 0 00:18 ? 00:00:00 [pdflush]
root 96 5 0 00:18 ? 00:00:00 [pdflush]
root 98 5 0 00:18 ? 00:00:00 [aio/0]
root 97 1 0 00:18 ? 00:00:00 [kswapd0]
root 683 1 0 00:18 ? 00:00:00 [kseriod]
root 1767 1 0 00:18 ? 00:00:00 [khubd]
root 2850 1 0 00:18 ? 00:00:00 [kjournald]
root 3018 1 0 00:18 ? 00:00:00 udevd --daemon
root 4300 1 0 00:19 ? 00:00:00 [kjournald]
root 5478 1 0 00:19 ? 00:00:00 /bin/dd bs 1 if /proc/kmsg of /var/run/klogd/kmsg
klog 5480 1 0 00:19 ? 00:00:00 /sbin/klogd -P /var/run/klogd/kmsg
root 5493 1 0 00:19 ? 00:00:00 /usr/sbin/nmbd -D
root 5495 1 0 00:19 ? 00:00:00 /usr/sbin/smbd -D
root 5501 5495 0 00:19 ? 00:00:00 /usr/sbin/smbd -D
root 5509 1 0 00:19 ? 00:00:00 /usr/sbin/sshd
daemon 5522 1 0 00:19 ? 00:00:00 /usr/sbin/atd
root 5532 1 0 00:19 ? 00:00:00 /usr/sbin/cron
root 5544 1 0 00:19 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL
www-data 5545 5544 0 00:19 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL
root 5553 1 0 00:19 tty1 00:00:00 /sbin/getty 38400 tty1
root 5555 1 0 00:19 tty2 00:00:00 /sbin/getty 38400 tty2
root 5556 1 0 00:19 tty3 00:00:00 /sbin/getty 38400 tty3
root 5557 1 0 00:19 tty4 00:00:00 /sbin/getty 38400 tty4
root 5558 1 0 00:19 tty5 00:00:00 /sbin/getty 38400 tty5
root 5559 1 0 00:19 tty6 00:00:00 /sbin/getty 38400 tty6
www-data 5583 5544 0 00:19 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL
www-data 5585 5544 0 00:19 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL
root 5639 5495 0 00:20 ? 00:00:00 /usr/sbin/smbd -D
syslog 5876 1 0 06:25 ? 00:00:00 /sbin/syslogd -u syslog
root 5880 5509 0 07:13 ? 00:00:00 sshd: root@pts/0
root 5882 5880 0 07:13 pts/0 00:00:00 -bash
root 5897 5882 0 07:15 pts/0 00:00:00 man ps
root 5903 5897 2 07:15 pts/0 00:00:01 pager -s
root 5952 5882 0 07:16 pts/0 00:00:00 ps -ef

 

[GTaudiophile]

Hmmm...perhaps this is an ownership problem. I need to change the ownership of /var/www/ perhaps.

 

[nweaver]

ls -la /var/www to see permissions (although as root you should be able to)
is /var/www an existing file (probably is the problem)
sudo ln -s /home/me/html /var/www/me to see if that's the problem.

 

[GTaudiophile]

mweaver: Any comments on the job list in my OP? Anything out of the ordinary?

 

[GTaudiophile]

Anyone?

 

[Nothinman]

Depends on what you want to be running on the thing. The only things running that should be doing any network traffic are ssh, apache2 and samba. You can run 'lsof -i' to verify what's listening on what ports.

 

[GTaudiophile]

Originally posted by: Nothinman
Depends on what you want to be running on the thing. The only things running that should be doing any network traffic are ssh, apache2 and samba. You can run 'lsof -i' to verify what's listening on what ports.

Those are the only things I want running...

 

[GTaudiophile]

I logged in with putty and ran the lsof -i command. Results:

COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
nmbd 5493 root 6u IPv4 7124 UDP *:netbios-ns
nmbd 5493 root 7u IPv4 7125 UDP *:netbios-dgm
nmbd 5493 root 8u IPv4 7127 UDP 192.XXX.XX.XX:netbios-ns
nmbd 5493 root 9u IPv4 7128 UDP 192.XXX.XX.XX:netbios-dgm
smbd 5495 root 20u IPv4 7154 TCP *:microsoft-ds (LISTEN)
smbd 5495 root 21u IPv4 7155 TCP *:netbios-ssn (LISTEN)
sshd 5509 root 3u IPv6 7167 TCP *:ssh (LISTEN)
apache2 5544 root 3u IPv6 7228 TCP *:www (LISTEN)
apache2 5544 root 4u IPv6 7229 TCP *:https (LISTEN)
apache2 5545 www-data 3u IPv6 7228 TCP *:www (LISTEN)
apache2 5545 www-data 4u IPv6 7229 TCP *:https (LISTEN)
apache2 5583 www-data 3u IPv6 7228 TCP *:www (LISTEN)
apache2 5583 www-data 4u IPv6 7229 TCP *:https (LISTEN)
apache2 5585 www-data 3u IPv6 7228 TCP *:www (LISTEN)
apache2 5585 www-data 4u IPv6 7229 TCP *:https (LISTEN)
smbd 5639 root 5u IPv4 7413 UDP localhost.localdomain:32768
smbd 5639 root 24u IPv4 7412 TCP 192.XXX.XX.XX:netbios-ssn->19 2.XXX.XX.YY:1390 (ESTABLISHED)
sshd 6273 root 3u IPv6 9553 TCP 192.XXX.XX.XX:ssh->user-37ka4 09.dialup.mindspring.com:60185 (ESTABLISHED)

 

[n0cmonkey]

I don't see a mail program.

Doesn't look like anything's running that shouldn't be.

 

[GTaudiophile]

Originally posted by: n0cmonkey
I don't see a mail program.

Doesn't look like anything's running that shouldn't be.

Why would I need a mail program?

 

[n0cmonkey]

Originally posted by: GTaudiophile

Originally posted by: n0cmonkey
I don't see a mail program.

Doesn't look like anything's running that shouldn't be.

Why would I need a mail program?

To deliver mail. I'm not sure if the MUAs can deliver local mail, or if they need an MTA. I generally leave sendmail running on lo0, just in case.

 

[Nothinman]

Why would I need a mail program?

To expand on what n0c said, lost of programs like cron, atd, logcheck, etc rely on mail being able to be delievered locally. Infact I'm surprised you were able to get a system running without one, most of those packages depend or recommend a mailer daemon like so.

 

[GTaudiophile]

Nope, no problem without a mail program.

 

[n0cmonkey]

Originally posted by: GTaudiophile
Nope, no problem without a mail program.

How do you recieve local mail from daemons and whatnot then?

 

[GTaudiophile]

Originally posted by: n0cmonkey

Originally posted by: GTaudiophile
Nope, no problem without a mail program.

How do you recieve local mail from daemons and whatnot then?

The server is not designed to handle mail of any sort...nor do I want it to. It sits at home on my living room floor on a dynamic Comcast 8Mbit connection. I use dyndns.org to maintain a connection to it. (The machine runs IPCHECK to dyndns via crontab.) It's there to house all of my music, video, and picture files on one drive...a drive I can access with PUTTY and/or WINSCP from work to download any needed files for my job. That's all it's there for. I have an account with Telnap to host my web site and be my mail server.

 

[n0cmonkey]

Originally posted by: GTaudiophile

Originally posted by: n0cmonkey

Originally posted by: GTaudiophile
Nope, no problem without a mail program.

How do you recieve local mail from daemons and whatnot then?

The server is not designed to handle mail of any sort...nor do I want it to. It sits at home on my living room floor on a dynamic Comcast 8Mbit connection. I use dyndns.org to maintain a connection to it. (The machine runs IPCHECK to dyndns via crontab.) It's there to house all of my music, video, and picture files on one drive...a drive I can access with PUTTY and/or WINSCP from work to download any needed files for my job. That's all it's there for. I have an account with Telnap to host my web site and be my mail server.

You missed the point, didn't you?

 

[GTaudiophile]

Originally posted by: n0cmonkey

Originally posted by: GTaudiophile

Originally posted by: n0cmonkey

Originally posted by: GTaudiophile
Nope, no problem without a mail program.

How do you recieve local mail from daemons and whatnot then?

The server is not designed to handle mail of any sort...nor do I want it to. It sits at home on my living room floor on a dynamic Comcast 8Mbit connection. I use dyndns.org to maintain a connection to it. (The machine runs IPCHECK to dyndns via crontab.) It's there to house all of my music, video, and picture files on one drive...a drive I can access with PUTTY and/or WINSCP from work to download any needed files for my job. That's all it's there for. I have an account with Telnap to host my web site and be my mail server.

You missed the point, didn't you?

Guess so! What is it?

 

[n0cmonkey]

Originally posted by: GTaudiophile
Guess so! What is it?

Often times local daemons and processes need a MTA to send local e-mails to notify the administrator of issues. Having an MTA is correct, not having one is not. Those e-mails are generally things to pay attention to. For example, OpenBSD's default configuration sends mail to the root user with security issues (including suid binaries, changes in important files, etc) on a regular basis. These aren't things to ignore.

The MTA will not be sending mail outside of the system (unless you configure it to do so), and will _not_ receive mail from outside of the system, so it should not be a remote security threat.

 

[GTaudiophile]

Hmmm...

Can't one just check the log files instead?

Anyway, so what SHOULD I install? And is there a HOWTO to do it?

 

[n0cmonkey]

Originally posted by: GTaudiophile
Hmmm...

Can't one just check the log files instead?

Anyway, so what SHOULD I install? And is there a HOWTO to do it?

At least on my system, not all of that is logged to a file.

 

[GTaudiophile]

Originally posted by: n0cmonkey

Originally posted by: GTaudiophile
Hmmm...

Can't one just check the log files instead?

Anyway, so what SHOULD I install? And is there a HOWTO to do it?

At least on my system, not all of that is logged to a file.

So can you recommend one with good documentation?

 

[n0cmonkey]

Originally posted by: GTaudiophile
So can you recommend one with good documentation?

I generally just use what comes with the OS, in the case of OpenBSD: sendmail. You can try whatever comes with your distro, but I'm not sure how confident I'd be in their configuration of it.

qmail is fine (lifewithqmail.org), postfix should work too, sendmail is the MTA standard.

 

[GTaudiophile]

Hmmm...so I need to find out what is available on the Ubuntu Server 5.10 CD. Any idea?

 

[GTaudiophile]

They seem to recommend Postfix over sendmail...

 

[n0cmonkey]

Originally posted by: GTaudiophile
They seem to recommend Postfix over sendmail...

That's fine, postfix isn't bad. Some people are scared of sendmail. It's had a rocky past wrt security.