is Cupsd necesary on a hosting server??

[bsasninja]

I noticed that cupsd (printer server) daemon is running on my server, it starts when the system is booted.
I think is not necesary to have this up on a hosting machine so how I disable this?

Thank you

 

[chirpy]

It is definitely not needed:

service cups stop
chkconfig cups off
chkconfig --del cups

 

[bsasninja]

Thanks!

do you know other common service that could be unnecesary?
I would like to get rid of unnecesary processes.

Thanks again.

 

[chirpy]

Some common ones that are running and not usually used:

If you have an ingress and outgress configured firewall, there's little point in running:
portsentry

Also, depending on your OS:

xfs
atd
anacron
nfslock
FreeWnn
canna
rpcidmapd
cups-config-daemon
ntpd
snmpd
iiim
mDNSResponder
nifd
auditd
bluetooth

If you're not running linux software RAID:

mdmpd
mdmonitor

All the above can be stopped and disabled as per cups above.

 

[bsasninja]

have Centos 4.3 here are the running processes, Im runing kiss as firewall (pure iptables script), and portsentry is running. There is a kauditd I dont know if its the same as auditd

root@server1 [~]# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 2788 556 ? S Aug09 0:07 init [3]
root 2 0.0 0.0 0 0 ? S Aug09 0:00 [migration/0]
root 3 0.0 0.0 0 0 ? SN Aug09 0:00 [ksoftirqd/0]
root 4 0.0 0.0 0 0 ? S Aug09 0:00 [migration/1]
root 5 0.0 0.0 0 0 ? SN Aug09 0:00 [ksoftirqd/1]
root 6 0.0 0.0 0 0 ? S< Aug09 0:00 [events/0]
root 7 0.0 0.0 0 0 ? S< Aug09 0:00 [events/1]
root 8 0.0 0.0 0 0 ? S< Aug09 0:00 [khelper]
root 9 0.0 0.0 0 0 ? S< Aug09 0:00 [kacpid]
root 31 0.0 0.0 0 0 ? S< Aug09 0:00 [kblockd/0]
root 32 0.0 0.0 0 0 ? S< Aug09 0:00 [kblockd/1]
root 33 0.0 0.0 0 0 ? S Aug09 0:00 [khubd]
root 42 0.0 0.0 0 0 ? S Aug09 0:00 [pdflush]
root 43 0.0 0.0 0 0 ? S Aug09 0:03 [pdflush]
root 44 0.0 0.0 0 0 ? S Aug09 0:03 [kswapd0]
root 45 0.0 0.0 0 0 ? S< Aug09 0:00 [aio/0]
root 46 0.0 0.0 0 0 ? S< Aug09 0:00 [aio/1]
root 120 0.0 0.0 0 0 ? S Aug09 0:00 [kseriod]
root 189 0.0 0.0 0 0 ? S< Aug09 0:00 [ata/0]
root 190 0.0 0.0 0 0 ? S< Aug09 0:00 [ata/1]
root 194 0.0 0.0 0 0 ? S Aug09 0:00 [scsi_eh_0]
root 195 0.0 0.0 0 0 ? S Aug09 0:00 [scsi_eh_1]
root 196 0.0 0.0 0 0 ? S Aug09 0:00 [scsi_eh_2]
root 197 0.0 0.0 0 0 ? S Aug09 0:00 [scsi_eh_3]
root 224 0.0 0.0 0 0 ? S Aug09 0:02 [kjournald]
root 957 0.0 0.0 1908 440 ? S<s Aug09 0:00 udevd
root 1034 0.0 0.0 0 0 ? S Aug09 0:00 [shpchpd_event]
root 1050 0.0 0.0 0 0 ? S< Aug09 0:00 [kauditd]
root 1104 0.0 0.0 0 0 ? S< Aug09 0:00 [kmirrord]
root 1105 0.0 0.0 0 0 ? S< Aug09 0:00 [kmir_mon]
root 1129 0.0 0.0 0 0 ? S Aug09 0:00 [kjournald]
root 1130 0.0 0.0 0 0 ? S Aug09 0:00 [kjournald]
root 1131 0.0 0.0 0 0 ? S Aug09 0:05 [kjournald]
root 1132 0.0 0.0 0 0 ? S Aug09 0:01 [kjournald]
root 1133 0.0 0.0 0 0 ? S Aug09 0:03 [kjournald]
root 1134 0.0 0.0 0 0 ? S Aug09 0:24 [kjournald]
root 1199 0.0 0.0 3184 432 ttyS0 Ss+ Aug09 0:00 /sbin/agetty ttyS0 9600 vt100-nav
root 1649 0.0 0.0 2036 592 ? Ss Aug09 0:15 syslogd -m 0
root 1653 0.0 0.0 2600 472 ? Ss Aug09 0:00 klogd -x
root 1663 0.0 0.0 2736 468 ? Ss Aug09 0:00 irqbalance
root 1709 0.0 0.0 5404 992 ? Ss Aug09 0:00 rpc.idmapd
root 1779 0.0 0.0 2684 544 ? Ss Aug09 0:00 /usr/sbin/acpid
root 1833 0.0 0.0 5456 1688 ? Ss Aug09 0:00 /usr/sbin/sshd
root 1863 0.0 0.0 3020 864 ? Ss Aug09 0:01 xinetd -stayalive -pidfile /var/run/xinetd.pid
root 1881 0.0 0.4 13056 8420 ? S Aug09 0:01 chkservd
root 2056 0.0 0.0 4792 1168 ? Ss Aug09 0:00 crond
root 2336 0.0 0.0 7264 1824 ? Ss Aug09 0:00 pure-ftpd (SERVER)
root 2340 0.0 0.0 5772 680 ? S Aug09 0:00 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/sbin/pureau
root 2353 0.3 0.5 15032 10984 ? SN Aug09 4:18 cpanellogd - sleeping for logs
cpanel 2384 0.0 0.0 4952 1704 ? Ss Aug09 0:00 /usr/bin/stunnel-4.15local /usr/local/cpanel/etc/stunnel/defau
dbus 2406 0.0 0.0 13540 1304 ? Ssl Aug09 0:00 dbus-daemon-1 --system
root 2454 0.0 0.2 8032 5392 ? Ss Aug09 0:16 hald
root 2487 0.0 0.0 1476 492 ? Ss Aug09 0:00 /usr/sbin/portsentry -tcp
named 3004 0.0 0.3 53624 7692 ? Ssl Aug09 0:22 /usr/sbin/named -u named
root 3296 0.0 0.0 2520 404 tty1 Ss+ Aug09 0:00 /sbin/mingetty tty1
root 3297 0.0 0.0 3048 404 tty2 Ss+ Aug09 0:00 /sbin/mingetty tty2
root 3298 0.0 0.0 1672 400 tty3 Ss+ Aug09 0:00 /sbin/mingetty tty3
root 3299 0.0 0.0 2912 404 tty4 Ss+ Aug09 0:00 /sbin/mingetty tty4
root 3300 0.0 0.0 2592 404 tty5 Ss+ Aug09 0:00 /sbin/mingetty tty5
root 3301 0.0 0.0 2144 400 tty6 Ss+ Aug09 0:00 /sbin/mingetty tty6
root 18777 0.0 0.0 5968 1076 ? S Aug09 0:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --pid-fi
mysql 18798 0.5 1.2 106332 25912 ? Sl Aug09 6:16 /usr/sbin/mysqld --basedir=/ --datadir=/var/lib/mysql --user=m
root 19759 0.0 0.4 12568 9168 ? S Aug09 0:50 cppop - accepting on port 110
root 20261 0.0 0.9 30596 19132 ? Ss Aug09 0:12 /usr/local/apache/bin/httpd -DSSL
mailnull 6772 0.0 0.0 8544 1720 ? Ss 00:34 0:00 /usr/sbin/exim -bd -oX 8025
mailnull 6778 0.0 0.0 8756 1732 ? Ss 00:34 0:07 /usr/sbin/exim -bd -q60m
mailnull 6784 0.0 0.0 8392 1704 ? Ss 00:34 0:00 /usr/sbin/exim -tls-on-connect -bd -oX 465
root 6789 0.2 0.0 3204 1456 ? S 00:34 2:57 antirelayd
root 6798 0.0 1.0 26292 22512 ? Ss 00:34 0:01 /usr/bin/spamd -d --allowed-ips=127.0.0.1 --pidfile=/var/run/s
root 6705 0.0 0.5 12256 10780 ? S 04:37 0:01 cpsrvd - waiting for connections
root 13316 0.0 1.2 29624 25992 ? S 15:44 0:00 spamd child
root 2327 0.4 1.5 35216 31528 ? S 17:23 0:16 spamd child
nobody 6779 0.3 1.2 37704 26648 ? S 17:41 0:07 /usr/local/apache/bin/httpd -DSSL
nobody 6782 0.4 1.1 34952 23888 ? S 17:41 0:11 /usr/local/apache/bin/httpd -DSSL
nobody 6786 0.2 1.1 35036 23984 ? S 17:41 0:06 /usr/local/apache/bin/httpd -DSSL
nobody 7108 0.2 1.1 35244 24176 ? S 17:44 0:06 /usr/local/apache/bin/httpd -DSSL
nobody 8739 0.1 1.0 33644 22556 ? S 17:56 0:02 /usr/local/apache/bin/httpd -DSSL
dismotio 10607 0.0 0.0 7296 1988 ? SN 17:59 0:00 pure-ftpd (IDLE)
nobody 11909 0.0 1.1 34936 23828 ? S 18:08 0:00 /usr/local/apache/bin/httpd -DSSL
lacajade 12531 0.0 0.0 7296 1984 ? SN 18:12 0:00 pure-ftpd (IDLE)

 

[bsasninja]

I reduce also unnecesary ttys.

 

[rsutc]

Some common ones that are running and not usually used:

If you have an ingress and outgress configured firewall, there's little point in running:
portsentry

Also, depending on your OS:

anacron



All the above can be stopped and disabled as per cups above.

Tell us more about anacron. What does it do, what is the viulnerability and can it be disabled in CentOS 4?

Rick

 

[chirpy]

man anacron
Most people don't use it, so you shouldn't run it so that it cannot be abused.