dcsimg

Is your web server running unnecessary software?

By Jeremy Reed (Send Email)
Posted Feb 20, 2001


It is extremely simple and quick to install a BSD or Linux operating system with Apache and to start serving webpages. You can usually just boot from an installer CD, follow a few prompts and have a working system in less than an hour. And if your website is already designed and your domain name already points to your IP, a few minutes later your website can be up and running. Usually the default installations of popular Unix-like operating systems start up a bunch of useful, possibly useful and entirely unuseful programs all running in the background. This article will quickly share some ideas on how beginning webserver administrators can improve server efficiency, ease management and, hopefully, improve security as well. It shares a few examples of processes that don't need to be running, required programs and some ideas for BSD and System V-type systems for disabling startup scripts. This article doesn't go into great detail, but will give the newbie administrator some basic ideas.

Because it is so easy to get started, people with no Unix or other relevant experience can moonlight as ISPs or host their own websites.

And since Apache and most Linux and BSD operating systems are so stable, you could probably just forget about the server and it'll still be running great a year later. (In fact, I have had past jobs where I know the actively-used servers are no longer maintained and continue to run great -- including one Debian Linux box with an uptime of 485 days and counting.) Of course, this is not a good idea and I'd never suggest that an administrator entirely ignore their servers.

Usually the default installations of popular Unix-like operating systems start up a bunch of useful, possibly useful and entirely unuseful programs all running in the background. (These are usually called daemons.) Or you may inherit a server that was installed and administered by someone else -- who may have installed other programs or never cleaned up the system.

You may find that your "web" server is running a print spooler, a mail server (which may be relaying spam), a console mouse handler, and a variety of other software. In fact, you may learn that your webserver -- which doesn't even have a video monitor anymore -- may be running a graphical windowing system.

Over time, your performance needs may change. And over time, more security exploits are found (and fixed). This article will quickly share some ideas on how beginning webserver administrators can improve server efficiency, ease management and, hopefully, improve security as well. It shares a few examples of processes that don't need to be running, required programs and some ideas for BSD and System V-type systems for disabling startup scripts. This article doesn't go into great detail, but will give the newbie administrator some basic ideas. Be sure to consult your operating system's documentation for further instructions.

What programs are running?

To find out what's currently running on your server, type "ps auxw" or "ps -ef". In the output, the right-most information will tell the names of the running processes. You may have a list of names like: sshd, init, kpiod, khubd, klogd, atd, crond, inetd, gpm, xfs, xdm, kflushd, kupdated, kpiod, kswapd, ippd, iprofd, portmap, syslogd, xinit, esd, sawmill, panel, gmc, grekllm, imwheel, xmms, mdrecoveryd, lockd, rpciod, rpc.statd, apmd, automount, lpd, papd, sendmail, afpd, pptpd, identd, randomd, numlock, autofs, keytable, named, snmpd, xinetd and X.

Hopefully, you don't have this many processes -- or maybe you have more. You may wonder "why does this matter?", "the memory and cpu usage is so low, so who cares?" or "if my distribution installed them by default, then it must be the best idea."

But in making your decision, you should think about how much time you have to dedicate to administering your server. Are you willing to test and verify each of these miscellaneous programs that are running? Will you actively follow security announcements or read about the software updates in regards to important security fixes? And will you be able to quickly pinpoint a future problem, if you have so many programs running?

Programs that you forget about, but are always running in the background may have security problems. For example, a malicious outsider may send requests to it to slow down your system. Or a program may have a hole, in which an intruder can exploit to compromise or logon to your system.

Page 1 of 5


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.