Command Center

The best protection against vulnerable software is running less software. How do I find out which services are enabled at Boot under CentOS / RHEL / Fedora Linux? How do I disable software which is not needed?

Open terminal and login as root user.
Type the following command to list all services which are enabled at boot:

#chkconfig --list | grep $(runlevel  | awk '{ print $2}'):on

Sample output:

acpid           0:off 1:off 2:off 3:on 4:on 5:on 6:off
anacron         0:off 1:off 2:on 3:on 4:on 5:on 6:off
atd             0:off 1:off 2:off 3:on 4:on 5:on 6:off
auditd          0:off 1:off 2:on 3:on 4:on 5:on 6:off
cpuspeed        0:off 1:on 2:on 3:on 4:on 5:on 6:off
crond           0:off 1:off 2:on 3:on 4:on 5:on 6:off
dkms_autoinstaller 0:off 1:off 2:on 3:on 4:on 5:on 6:off
haldaemon       0:off 1:off 2:off 3:on 4:on 5:on 6:off
hidd            0:off 1:off 2:on 3:on 4:on 5:on 6:off
irqbalance      0:off 1:off 2:on 3:on 4:on 5:on 6:off
kudzu           0:off 1:off 2:off 3:on 4:on 5:on 6:off
lighttpd        0:off 1:off 2:on 3:on 4:on 5:on 6:off
lm_sensors      0:off 1:off 2:on 3:on 4:on 5:on 6:off
lvm2-monitor    0:off 1:on 2:on 3:on 4:on 5:on 6:off
mcstrans        0:off 1:off 2:on 3:on 4:on 5:on 6:off
mdmonitor       0:off 1:off 2:on 3:on 4:on 5:on 6:off
messagebus      0:off 1:off 2:off 3:on 4:on 5:on 6:off
microcode_ctl   0:off 1:off 2:on 3:on 4:on 5:on 6:off
mysqld          0:off 1:off 2:on 3:on 4:on 5:on 6:off
named           0:off 1:off 2:on 3:on 4:on 5:on 6:off
netfs           0:off 1:off 2:off 3:on 4:on 5:on 6:off
network         0:off 1:off 2:on 3:on 4:on 5:on 6:off
ntpd            0:off 1:off 2:on 3:on 4:on 5:on 6:off
pcscd           0:off 1:off 2:on 3:on 4:on 5:on 6:off
psacct          0:off 1:off 2:on 3:on 4:on 5:on 6:off
readahead_early 0:off 1:off 2:on 3:on 4:on 5:on 6:off
restorecond     0:off 1:off 2:on 3:on 4:on 5:on 6:off
rhnsd           0:off 1:off 2:on 3:on 4:on 5:on 6:off
rpcgssd         0:off 1:off 2:off 3:on 4:on 5:on 6:off
rpcidmapd       0:off 1:off 2:off 3:on 4:on 5:on 6:off
sendmail        0:off 1:off 2:on 3:on 4:on 5:on 6:off
setroubleshoot  0:off 1:off 2:off 3:on 4:on 5:on 6:off
smartd          0:off 1:off 2:on 3:on 4:on 5:on 6:off
snmpd           0:off 1:off 2:on 3:on 4:on 5:on 6:off
sshd            0:off 1:off 2:on 3:on 4:on 5:on 6:off
stor_agent      0:off 1:off 2:off 3:on 4:off 5:on 6:off
syslog          0:off 1:off 2:on 3:on 4:on 5:on 6:off
sysstat         0:off 1:off 2:on 3:on 4:off 5:on 6:off
vmware          0:off 1:off 2:on 3:on 4:off 5:on 6:off
xfs             0:off 1:off 2:on 3:on 4:on 5:on 6:off
xinetd          0:off 1:off 2:off 3:on 4:on 5:on 6:off
yum-updatesd    0:off 1:off 2:on 3:on 4:on 5:on 6:off

The first column of above output is the name of a service which is currently enabled at boot. You need to review each service.

Task: Disable service

To stop service, enter:
# service {service-name} stop
# service vmware stop
To disable service, enter:
# chkconfig {service-name} off
# chkconfig vmware off
You can also use ntsysv command to manage all services.

A note about outdated insecure service

All of the following services must be disabled to improve server security:

1. Inetd and Xinetd (inetd xinetd) - Use direct services configured via SysV and daemons.
2. Telnet (telnet-server) - Use ssh
3. Rlogin, Rsh, and Rcp ( rsh-server ) - Use ssh and scp.
4. NIS (ypserv) : Use OpenLDAP or Fedora directory server.
5. TFTP (tftp-server) : Use SFTP or SSH.

To delete all of the service enter:
# yum erase inetd xinetd ypserv tftp-server telnet-server rsh-serve

A note about Debian / Ubuntu Linux

Please see my comment below, to find out which services are enabled at boot under Debian / Ubuntu Linux and disable software which is not needed.

To list all boot time enabled services use the following costume shell code (type at command prompt):

R=$(runlevel  | awk '{ print $2}')
for s in /etc/rc${R}.d/*; do  basename $s | grep '^S' | sed 's/S[0-9].//g' ;done

Sample output:

policykit
vbesave
acpid
powernowd.early
sysklogd
xserver-xorg-input-wacom
klogd
dbus
avahi-daemon
dnsmasq
mysql-ndb-mgm
mysql-ndb
mysql
acct
apmd
apport
argus-server
dkms_autoinstaller
fancontrol
festival
hddtemp
ipmievd
nscd
scanlogd
sysstat
tcpspy
varnish
vboxdrv
vsftpd
winbind
aumix
dhcdbd
hal
pulseaudio
gdm
squid
system-tools-backends
radvd
anacron
atd
cron
binfmt-support
tomcat5.5
apache2
usplash
acpi-support
laptop-mode
rc.local
rmnologin
stop-readahead

 To turn off service use T-GUI tools like rcconf or simply type:

update-rc.d -f {service-name} remove

 update-rc.d {service-name} stop 20 2 3 4 5 .

For example, remove apache2, enter:

update-rc.d -f apache2 remove
update-rc.d apache2 stop 20 2 3 4 5 .

Use rcconf tool to view enabled services. See the following posts for more info about Debian / Ubuntu services:

• Ubuntu / Debian Linux: Services Configuration Tool to Start / Stop System Services
• Debian or Ubuntu Linux runlevel configuration tool to start service

REFERENCES
http://www.cyberciti.biz/faq/linux-determine-which-services-are-enabled-at-boot/#comment-41093