Security
Fedora Core 3 Linux Services
This table lists all Fedora Core 3 Linux Services, a description of each, and our recommendation for a simple desktop system.
|
Service
|
Description
|
Suggest
|
|---|---|---|
| mDNSResponder | Zero network configuration tool | [Off] |
| acpid | This a completely flexible, totally extensible daemon for delivering ACPI events. It listens on a file (/proc/acpi/event) and when an event occurs, executes programs to handle the event. ACPI stands for: Advanced Configuration and Power Interface. | [Off] |
| netplugd | netplugd is a daemon that responds to network link events from the Linux kernel, such as a network interface losing or acquiring a carrier signal. | [Off] |
| psacct | The psacct package contains several utilities for monitoring process activities, including ac, lastcomm, accton and sa. | [Off] |
| ypbind | ypbind finds the server for NIS domains and maintains the NIS binding information. | [Off] |
| mdmonitor | Software RAID monitoring tools | [Off] |
| rwhod | Rwhod is the server which maintains the database used by the rwho and ruptime programs. Its operation is predicated on the ability to broadcast messages on a network. | [Off] |
| rpcgssd | GSS Deamon Authenticator | [Off] |
| sendmail | Mail server, allows to send emails using this machine as mail server. | [Off] |
| haldaemon | Messengebus implementation by freedesktop.org | [Off] |
| netdump | Loads and configures the netdump kernel modules. Once these are loaded, when the kernel crashes it will send the oops message and a dump of physical memory to the machine that runs the netdump-server. This can then be used to debug the problem using gdb and a kernel image. | [Off] |
| atd | atd runs jobs queued by at. | [On] |
| diskdump |
The diskdump utility offers the ability to create and collect vmcore (Kernel dumps) on a single system without needing to be connected to a network. Diskdump creates files in an identical format to the netdump core files and can be analysed with the same tools. |
[Off] |
| snmpd | Simple Network Management protocol. A standard protocol for non-windows networks. | [Off] |
| Bluetooth | Support for Bluetooth hardware | [Off] |
| ntpd | The ntpd sets and maintains the system time of day in synchronism with Internet standard time servers. It is a complete implementation of the Network Time Protocol (NTP) version 4. Allows other computers to synchronize system time with your server. | [Off] |
| winbind |
Winbind is an nss switch module to map Windows NT Domain databases to Unix. In combination with Samba and pam_ntdom, a Unix box will be able to integrate straight into a full Windows NT Domain environment, without needing a Unix Account database. |
[Off] |
| cups | is a cross-platform printing solution for all UNIX environments. It is based on the "Internet Printing Protocol and provides complete printing services to most PostScript and raster printers. | [Off] |
| cups-lpd | his is the CUPS Line Printer Daemon ("LPD) mini-server that supports legacy client systems that use the LPD protocol. | [Off] |
| smartd | Self Monitor Analysis and Reporting Technology System. Monitor you hard disk for failures. | [Off] |
| rpcidmapd | RPC based impad daemon authenticator | [Off] |
| cpuspeed | Power management based CPU Speed control | [Off] |
| named | DNS server. Bind. | [Off] |
| firstboot | First boot configuration | [Off] |
| dc_server | Distributed session cache server | [Off] |
| rpcsvcgssd | GSS Daemon for NFS type service authentication | [Off] |
| nfs | Network File Transfer Service | [Off] |
| pcmcia | PCMCIA cards. | [Off] |
| portmap | The portmap service is a dynamic port assignment daemon for RPC services such as NIS and NFS | [Off] |
| lm_sensors | Environmental Monitoring | [Off] |
| crond | Daemon to execute scheduled commands. | [On] |
| readahead | Hard Disc read ahead cache | [Off] |
| nfslock | To help manage file access conflicts and protect NFS sessions during failures, NFS offers a file and record locking service called the network lock manager. The network lock manager is a separate service NFS makes available to user applications. To use the locking service, applications must make calls to standard lock routines. | [Off] |
| dc_client | Distributed session cache client | [Off] |
| microcode_ctl |
It decodes and sends new microcode to the kernel driver to be uploaded to Intel IA32 processors. (Pentium Pro, PII, PIII, Pentium 4, Celeron, Xeon etc - all P6 and above, which does NOT include pentium classics). It signals the kernel driver to release any buffers it may hold. The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode. This driver is designed for Intel IA32 microprocessors only, it will not work with AMD or any other non-Intel processors as they don't support microcode updates or they support it in a manner different from Intel's specs. |
[Off] |
| kudzu | Detects and configures new and/or changed hardware on a system. | [Off] |
| squid | Web proxy cache | [Off] |
| smb | Samba, allows to share and access MS windows network. | [Off] |
| apmd | The apmd package is a set of user-level programs to control the Advanced Power Management system found in all modern laptop computers and most modern desktops. apmd talks to the Linux kernel APM layer, which does all the hardware-dependent stuff. | [Off] |
| readahead_early | Hard Disc read ahead cache | [Off] |
| sshd | Secure Shell daemon, allows secure and remote logging to this machine. | [On] |
| yum |
yum is an automatic updater and package installer/remover for rpm systems. It automatically computes dependencies and figures out what things should occur to install packages. It makes it easier to maintain groups of machines without having to manually update each one using rpm. |
[Off] |
| anacron |
Anacron is a periodic command scheduler. It executes commands at intervals specified in days. Unlike cron, it does not assume that the system is running continuously. Every time Anacron is run, it reads a configuration file that specifies the jobs Anacron controls, and their periods in days. If a job wasn't executed in the last n days, where n is the period of that job, Anacron executes it. Anacron then records the date in a special timestamp file that it keeps for each job, so it can know when to run it again. |
[On] |
| xinetd |
Service wrapper. xinetd is a replacement for inetd, the internet services daemon. xinetd - eXtended InterNET services daemon - provides a good security against intrusion and reduces the risks of Denial of Services (DoS) attacks. Like the well known couple (inetd+tcpd), it enables the configuration of the access rights for a given machine. |
[Off] |
| nifd | Utility deamon to monitor network devices | [Off] |
| network | Activates all network interfaces at boot time. | [On] |
| tux | The TUX Web Server is an HTTP daemon for Linux . The TUX Web Server is different from other Web servers in that it runs partially from within the Linux kernel as a module, or kernel subsystem. Given sufficient networking cards, it enables direct scatter-gather direct memory access (DMA) and hardware-based TCP/IP checksums from the page cache (the Linux file data cache) directly to the network, avoiding extra data copies. | [Off] |
| autofs |
Auto-autofs detects Disks, Partitions, CD-ROMs, Floppies etc. and sets up an automount configuration. So it provides an easy access to the hardware. Auto-autofs is a Perl script that searches the hardware for block devices using the /proc directory. It finds partitions on harddisks via fdisk and tries to detect the filesystems. |
[Off] |
| rhnsd | Red Hat Network Service. Informs you about official security and bug updates for your system. | [Off] |
| netfs | - Network Filesystem Mounter. Needed for mounting NFS, SMB and NCP shares on boot. | [Off] |
| xfs |
The X font server (xfs) provides a standard mechanism for an X server to communicate with a font renderer, frequently running on a remote machine. It usually runs on TCP port 7100. You need to be running xfs if you want a remote X terminal to be able to use fonts from your system, or if you want to use fonts that your X server doesn't understand (and the font server does). |
[Off] |
| snmptrapd | This is an SNMP application that recieves and logs SNMP TRAP and INFORM messages. Uses UDP port 162. | [Off] |
| NetworkManager | automated Network interface configuration | [Off] |
| Messagebus | D-BUS is first a library that provides one-to-one communication between any two applications; dbus-daemon-1 is an application that uses this library to implement a message bus daemon. Multiple programs connect to the message bus daemon and can exchange messages with one another. | [Off] |
| gpm | General Purpose Mouse Daemon. Necessary only if you want to use your mouse on the console (not xterms). | [Off] |
| irda | (Infrared Data Association) is an industry standard for infrared wireless communication. | [Off] |
| mdmpd | Daemon to monitor MD multipath devices | [Off] |
| syslog | Logs all system activities. | [On] |
| httpd | The apache web server. | [Off] |
| vncserver | using a simple program (the "viewer) on another computer anywhere on the Internet. | [Off] |
| cups-config-daemon | Configuration deamon for cups (Common Unix Print System) | [Off] |
| saslauthd | SASL (Simple Authentication and Security Layer) authentication server. Server to allow others identify on this server. | [Off] |
| irqbalance | Daemon to balance irq's across multiple CPUs. Only useful on SMP systems (more than one processor) | [Off] |
| isdn | ISDN (Integrated Services Digital Network). Use only with ISDN network interfaces. | [Off] |
| vsftpd | Secure FTP daemon. | [Off] |
| iptables | Firewall | [Off] |
| nscd | Nscd is a daemon that provides a cache for the most common name service requests. | [Off] |
| aep1000 | For AEP 1000 coprocessors. It's used for hardware cryptographic acceleration under Linux. | [Off] |
| bcm5810 | Hardware cryptographic accelerator support for Broadcom BCM5820 eCommerce Processor. | [Off] |
| chargen(udp) | Character Generator Protocol. A useful debugging and measurement tool is a character generator service. A character generator service simply sends data without regard to the input. Listens on port 19 TCP/UDP. | [Off] |
| daytime(udp) | The Daytime Protocol (Internet RFC 867) is a simple protocol that allows clients to retrieve the current date and time from a remote server. While useful at a bsic level, the Daytime protocol is most often used for debugging purposes rather than actually acquire the current date and time. The daytime protocol is available on TCP port 13. | [Off] |
| echo(udp) | Service for testing, everything you send to port 7 (echo) would be sent back to you. | [Off] |
| ktalk | A graphical talk client for KDE. | [Off] |
| lisa | ISa is a small daemon which is intended to run on end user systems. It provides something like a "network neighborhood, but only relying on the TCP/IP protocol stack, no smb or whatever. | [Off] |
| mysql | MySQL database server. | [Off] |
| postgresql | PostgreSQL database server. | [Off] |
| random | Initialize kernel random number generator | [Off] |
| rawdevices | Block devices. Links hardware to devices that store data. | [Off] |
| rsync | Its just like rpc with much more features. Provides a very fast method for bringing remote files into sync. | [Off] |
| services | An internal xinetd services, listing active services. | [Off] |
| sgi_fam | File Alteration Monitor, provides an API that applications can use to be notified when specific files or directories are changed. For example, consider a graphical file manager, when the user removes a file thru the file manager, their changes are visible immediately. | [Off] |
| time (udp) | Retrieve the date and time from a host or hosts on the network and set the local system time TCP version. | [Off] |