When a Linux server boots, it starts a number of system services that give local and network users an interface to the system's functions; these services are aimed directly at applications and users. The programs that provide them run in the background as daemons. A daemon is a long-lived process that is independent of any controlling terminal and that periodically performs a task or waits to handle certain events. Daemons usually start when the system boots and terminate when it shuts down. Linux systems have many daemons, and most servers are implemented as daemons. Daemons also carry out many system tasks, such as the job scheduling process crond and the printing process lpd. Some books and materials also call a daemon a "service". Which daemons to run depends on your specific needs. To view the services that the system can provide, use the following method as root:
Figure 1 System services that can be selected
Each of the system services shown in Figure 1 is described below, in alphabetical order:
I. Introduction to the Linux daemon
1. alsasound: ALSA sound card driver daemon. The ALSA driver was originally written for the Gravis UltraSound (GUS) sound card and proved to be excellent, so the author went on to write drivers for sound cards in general. ALSA is compatible with OSS/Free and OSS/Linux but has its own interface, which is even better than OSS.
2. acpid: ACPI (Advanced Configuration and Power Interface) is a new power management standard introduced as an alternative to the traditional APM power management standard. It is usually needed for power management on laptops.
3. atalk: AppleTalk network daemon. Do not run this program in the background; its data structures must be initialized before other processes run.
4. amd: Daemon that automatically mounts NFS file systems.
5. anacron: A daemon that runs tasks automatically. Red Hat Linux has four tools for automating tasks: cron, anacron, at, and batch. When your Linux server does not run around the clock, anacron can run the jobs that were missed at the times set in crontab.
6. apmd: APM (Advanced Power Management) is the traditional power management standard. It is most useful on notebook computers: it lets you see the system's battery information and writes the relevant information to the log through syslogd. It can also be used to shut the system down when power is low.
7. arptables_jf: Daemon for user-controlled arptables network filtering.
8. arpwatch: Logs and builds a database of the Ethernet address and IP address pairs seen on a LAN interface.
atd: Daemon for the at and batch commands. It runs the tasks that users schedule with the at command; batch is used to run batch tasks when the system load is low.
9. autofs: Automount management process (automount); related to NFS and dependent on the NIS server.
10. bootparamd: Boot parameter server that provides the information needed to boot diskless workstations on the LAN.
11. bluetooth: Bluetooth server daemon.
12. crond: cron is a traditional Unix program that periodically runs user-scheduled tasks. Compared to the traditional UNIX version, the Linux version adds many features and is more secure and simpler to configure. Similar to Scheduled Tasks.
13. chargen: chargen server using the TCP protocol. chargen (Character Generator Protocol) is a network service whose main function is to provide something similar to remote typing.
14. chargen-udp: chargen server using the UDP protocol.
15. cpuspeed: Monitors the system's idle percentage and lowers or raises the CPU clock speed and voltage, to minimize energy consumption when the system is idle and maximize execution speed when the system is busy.
16. dhcpd: Service daemon for the Dynamic Host Control Protocol (DHCP).
17. cups: CUPS (Common Unix Printing System) is a generic UNIX print daemon that provides third-generation printing capabilities for Linux.
18. cups-config-daemons: Switching daemon for the CUPS printing system.
19. cups-lpd: CUPS line printer daemon.
20. daytime: The daytime daemon using the TCP protocol, which lets a client obtain the date and time from a remote server. Default port: 13.
21. daytime-udp: The daytime daemon using the UDP protocol.
22. dc_server: Proxy server daemon that uses SSL secure sockets.
23. dc_client: Client daemon that uses SSL secure sockets.
24. diskdump: Server disk backup daemon.
25. echo: Daemon for the service in which the server echoes client data.
26. echo-udp: Daemon for the service in which the server echoes client data, using the UDP protocol.
27. eklogin: Daemon that accepts rlogin sessions authenticated and encrypted with Kerberos 5.
28. gated: Gateway routing daemon. It supports a variety of routing protocols, including RIP versions 1 and 2, the DCN Hello Protocol, OSPF version 2, and EGP versions 2 through 4.
29. gpm: The GPM (General Purpose Mouse Daemon) daemon provides mouse support for Linux text-mode programs such as MC (Midnight Commander). It also supports mouse copy, paste, and pop-up menus on the console.
30. gssftp: FTP daemon with Kerberos 5 authentication.
31. httpd: The Apache web server daemon, which can serve HTML files as well as CGI dynamic content.
32. inetd: Internet operation daemon. It monitors the network for requests to the services it manages and starts the appropriate service program when necessary. Replaced by xinetd in Red Hat and Mandrake Linux; still used in Debian, Slackware, and SuSE.
33. innd: Usenet news server daemon.
34. iiim: Chinese input method server daemon.
35. iptables: iptables firewall daemon.
36. irda: Infrared port daemon.
37. isdn: Daemon that starts and stops the ISDN service.
38. krb5-telnet: The telnet daemon that uses Kerberos 5 authentication.
39. klogin: Remote login daemon.
40. keytable: Loads the keyboard mapping table defined in /etc/sysconfig/keyboards, which can be selected with the kbdconfig tool. You should keep this program active.
41. irqbalance: A daemon that load-balances system interrupt requests across processors in multiprocessor systems. If you have only one CPU installed, you do not need to load this daemon.
42. kshell: kshell daemon.
43. kudzu: Automatic hardware detection program. It detects whether the hardware has changed and handles the corresponding additions and removals. When the system starts, kudzu detects the current hardware and checks it against the hardware information stored in /etc/sysconfig/hwconf; if hardware has been added to or removed from the system, kudzu notices and asks the user whether to configure it, then modifies /etc/sysconfig/hwconf to keep the hardware data in sync with the system. If /etc/sysconfig/hwconf does not exist, kudzu detects the existing hardware from /etc/modprobe.conf, /etc/sysconfig/network-scripts/ and /etc/X11/XF86Config. If you do not intend to add new hardware, you can turn this service off at startup to shorten system boot time.
44. ldap: LDAP (Lightweight Directory Access Protocol) directory server daemon.
45. lm_sensors: Daemon that monitors the motherboard's working status.
46. lpd: lpd is an old print daemon that is responsible for handling print jobs submitted by programs such as lpr.
47. mdmonitor: Daemon for RAID-related devices.
48. messagebus: D-BUS is a library that provides one-to-one communication between two or more applications. dbus-daemon-1 is an application that uses this library to implement the messagebus daemon. Multiple applications can exchange information with each other by connecting to the messagebus daemon.
49. microcode_ctl: Daemon that encodes and sends new microcode to the kernel to update Intel IA32 series processors.
50. mysqld: Daemon for a fast, efficient, and reliable lightweight SQL database engine.
51. named: DNS (BIND) server daemon.
52. netplugd: The netplugd (network cable hotplug management daemon) daemon monitors the state of one or more network interfaces and runs an external script when certain events are triggered.
53. netdump: Remote network backup server daemon.
54. netfs: Network Filesystem Mounter; this process mounts and unmounts NFS, Samba, and NCP network file systems.
55. nfs: Network File System daemon.
56. nfslock: NFS is a popular protocol for sharing files over a TCP/IP network, and this daemon provides the NFS file locking feature.
57. ntpd: Network Time Protocol daemon. ntpd is the protocol daemon that keeps the system's time in sync with an accurate time source.
58. network: Daemon that activates and shuts down the various network interfaces at startup.
59. psacct: This daemon includes several tools for monitoring process activity, including ac, lastcomm, accton, and sa.
60. pcmcia: Daemon mainly used to support laptop interfaces.
61. portmap: This daemon supports RPC connections; RPC is used by services such as NFS and NIS.
62. postgresql: PostgreSQL relational database engine.
63. proftpd: ProFTPD is a flexibly configurable FTP server daemon for UNIX.
65. random: Saves and restores the system's high-quality random number generator; these random numbers are produced from some random behavior of the system.
66. rawdevices: The daemon used to load raw devices when using a clustered file system.
67. readahead, readahead_early: readahead and readahead_early are the two newest background daemons in Fedora Core 2. When the system starts, they read the files needed for startup into memory in advance, so that startup runs from memory and is faster.
68. rhnsd: Red Hat Network service daemon. It notifies you of official security information and patches for the system.
69. routed: This daemon supports automatic IP routing table maintenance using the RIP protocol. RIP is used mainly on small networks; larger networks require a more complex protocol.
70. rsync: Remote sync, a remote data backup daemon.
71. rsh: Starts a shell on the remote host and executes the user's command.
72. rwhod: Allows a remote user to obtain a list of all users logged in on the machine running the rwho daemon.
73. rstatd: A daemon that collects system information and provides it to other machines on the LAN.
74. rusersd: Remote user location service, an RPC-based service that provides information about the users currently logged in to a machine on the LAN.
75. rwalld: Activates the rpc.rwall service process, an RPC-based service that lets users write messages to every terminal logged in on machines on the LAN.
76. rwhod: Activates the rwhod service process, which supports the LAN rwho and ruptime services.
77. saslauthd: SASL authentication daemon.
78. sendmail: The sendmail mail server daemon.
79. smb: Samba file sharing and print service daemon.
80. snmpd: Local Simple Network Management daemon.
81. squid: The Squid proxy server daemon.
82. sshd: OpenSSH server daemon. The Secure Shell protocol allows hosts to be managed remotely and safely.
83. smartd: Self-Monitoring, Analysis and Reporting Technology system; monitors your hard disks for failure.
84. syslog: A script that starts the syslog and klogd system log daemons at boot.
85. time: This daemon obtains the time and date from a remote host, using the TCP protocol.
86. time-udp: This daemon obtains the time and date from a remote host, using the UDP protocol.
87. tux: The daemon that runs the Apache server in the Linux kernel.
88. vsftpd: Daemon for the vsftpd server.
89. vncserver: VNC (Virtual Network Computing) provides a lightweight protocol that displays the entire "desktop" of a remote computer on the local system.
90. xfs: The X Window font server daemon, which provides font sets for both local and remote X servers.
91. xinetd: A core daemon that supports multiple network services.
92. ypbind: Activates the ypbind service process for NIS (Network Information System) clients.
93. yppasswdd: NIS password server daemon.
94. ypserv: NIS master server daemon.
95. yum: Automatic upgrade and package management daemon for RPM-based operating systems.
II. How the daemon works
Daemons work in client/server mode. The server listens on a specific port and waits for a client to connect. Once the connection succeeds, the server and client communicate through that port. The daemon's job is to open a port and listen for incoming connections. If a client makes a connection request, the daemon forks a child server to respond to the connection, and the primary server continues to listen for other service requests.
2. How daemons are run:
(1) Running a stand-alone daemon
A stand-alone daemon is managed by an init script, and the scripts for all stand-alone daemons are in the /etc/rc.d/init.d/ directory. System services that run as stand-alone daemons include syslogd and cron. This way of running is called stand-alone; it is the traditional Unix access mode for the C/S (client/server) model. The server listens on a specific port and waits for clients to connect. If a client makes a connection request, the daemon forks a child server to respond to the connection, and the primary server continues to listen, keeping a pool of child servers waiting for the next client request. The operating principle of stand-alone mode is shown in Figure 1.
Figure 1 Stand-alone operating mode
Network services that work in stand-alone mode include route and gated. The most familiar examples are the Apache web server, the sendmail mail server, and the BIND domain name server. Because the load on these servers is very heavy, pre-creating child servers improves the speed of service to clients. On Linux systems, services run in stand-alone mode are started through symbolic links in the corresponding runlevel directory under /etc/rc.d/.
(2) xinetd mode
From the daemon concept it follows that for every service the system offers, a daemon must be running that listens for connections on a port, which usually means wasted resources. To solve this problem, Linux introduced the concept of a "network daemon service program". The network daemon used by Red Hat Linux 9.0 is xinetd (eXtended InterNET daemon). In contrast to stand-alone mode, xinetd mode is also called the Internet super-server. xinetd can listen on multiple specified ports at the same time; when it accepts a user request, it starts a different network service process to handle the request depending on the port the user requested. You can think of xinetd as a management server for starting services: it decides which program a client request is handed to and then starts the appropriate daemon. The operating principle of xinetd mode is shown in Figure 3.
Figure 3 XINETD operating mode
Unlike in stand-alone mode, the system does not need every network service process to listen on its own service port. A single running xinetd can listen on all service ports at once, which reduces system overhead and protects system resources. However, under heavy traffic and frequent concurrent access, xinetd has to start the corresponding network service process frequently, which can degrade system performance. To see which mode the system uses for its services, use the pstree command on the Linux command line; it shows the two different ways network services are started. In general, high-load services such as sendmail and Apache are started stand-alone, and other services can be managed by the xinetd super server. To view the currently running daemons, use the command "pstree".
III. Daemon management tools
Linux offers three different daemon management tools: redhat-config-services, ntsysv, and chkconfig, which can be used flexibly depending on specific needs.
redhat-config-services is a graphical application that shows a description of each service and whether each service is started at boot time (runlevels 3, 4, and 5), and lets you start, stop, or restart the SysV services in /etc/rc.d/init.d and the xinetd services. To start the Service Configuration tool from the desktop, click "Main Menu" => "System Settings" => "Server Settings" => "Services" on the panel, or type the command "redhat-config-services" at the shell prompt (see Figure 4).
Figure 4 redhat-config-services configuration tool
redhat-config-services lists the services in /etc/rc.d/init.d and the services controlled by xinetd. Click a service name in the list on the left to display a brief description of the service and its status. If the service is not an xinetd service, the status window shows whether the service is currently running. If the service is controlled by xinetd, the status window displays the phrase "xinetd service". To start, stop, or restart a service immediately, select the service from the list and click the appropriate button on the toolbar (or choose the action from the Action drop-down menu). If the service is an xinetd service, the action buttons are disabled, because xinetd services cannot be started or stopped individually. If you enable or disable an xinetd service by selecting or deselecting the check box next to the service name, you must select "File" => "Save Changes" from the drop-down menu to restart xinetd and immediately enable or disable the xinetd service you changed. xinetd is also configured to remember the setting. You can enable or disable several xinetd services at once and save the changes when you have finished.
The ntsysv tool provides a simple interface for activating or deactivating services. You can use ntsysv to turn a service managed by xinetd on or off. You can also use ntsysv to configure runlevels. By default, only the current runlevel is configured. To configure a different runlevel, use the --level option to specify one or more runlevels. For example, the command ntsysv --level 345 configures runlevels 3, 4, and 5. The ntsysv working interface is shown in Figure 1. Use the up and down arrow keys to move through the list. Use the space bar to select or deselect services, or to press the OK and Cancel buttons. To switch between the list of services and the OK and Cancel buttons, use the [Tab] key. A * indicates that a service is set to start. The [F1] key pops up a brief description of each service.
The chkconfig command can also be used to activate and deactivate services. The chkconfig --list command displays a list of system services and whether each is started (on) or stopped (off) in runlevels 0 through 6. chkconfig can also be used to set whether a service is started or deactivated in a specified runlevel. For example, to deactivate the nfs service in runlevels 3, 4, and 5, use the following command:
chkconfig --level 345 nfs off
IV. Reasonable selection of daemons to avoid security risks
Running an unnecessary or vulnerable daemon affects the security and performance of the operating system. As for system security, any single vulnerability in the operating system can cause the entire system to be compromised. Therefore, the best way to increase system security is to monitor the functions of the system as much as possible. Of the daemons introduced at the start of this article, crond, syslog, keytable, xinetd, kudzu, and iptables are required to run. echo, echo-udp, daytime, daytime-udp, chargen, and chargen-udp are mainly for debugging and testing; ordinary users basically have no use for them and can turn them off.
The daemons beginning with the letter r (rsh, rstatd, rsync, rusersd, rwalld) are Berkeley remote commands; because they all start with the letter r, they are called r* commands. Their primary use is to let a user on one computer remotely run a program on another computer under the same account. However, the r commands have been shown to present a security risk. For the daemons that are really needed, use the latest version of the program and strengthen its security.
In addition, daemons should be chosen sensibly. For example, innd is the process that runs the newsgroup service; if you are not running a Usenet server, it should be turned off.
Open source Linux gives users a platform for customizing their own set of Linux daemons to suit their software and hardware environment. By tailoring the environment to the scope of each user's applications, the security and performance of a Linux system can be raised to a new level.
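The selection described in this section can be checked mechanically. The following shell script is an added example, not part of the original article: it parses `chkconfig --list` output (a constructed sample is embedded) and prints the chkconfig commands that turn off the debugging services, r* daemons and innd named above. The function names are illustrative.

```shell
#!/bin/sh
# Added example: audit `chkconfig --list` output against the daemons that
# section IV of this article says to turn off.

# Debug/test services, r* daemons and innd, as named in section IV.
RISKY="echo echo-udp daytime daytime-udp chargen chargen-udp rsh rstatd rsync rusersd rwalld innd"

# Constructed sample of `chkconfig --list` output (not from a real host).
sample_chkconfig_list() {
cat <<'EOF'
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
innd            0:off   1:off   2:off   3:on    4:off   5:on    6:off
nfs             0:off   1:off   2:off   3:off   4:off   5:off   6:off
rwalld          0:off   1:off   2:off   3:off   4:off   5:off   6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off

xinetd based services:
        chargen:        off
        daytime:        on
        echo-udp:       on
        rsync:          off
        time:           off
EOF
}

# Reads chkconfig --list output on stdin and prints one line per risky
# service that is enabled: "<name> sysv <levels>" or "<name> xinetd".
audit_services() {
    awk -v risky="$RISKY" '
    BEGIN { n = split(risky, r, " "); for (i = 1; i <= n; i++) bad[r[i]] = 1 }
    /^xinetd based services:/ { in_xinetd = 1; next }
    NF == 0 { next }
    in_xinetd {
        # xinetd entries look like "name:  on|off"
        name = $1; sub(/:$/, "", name)
        if ((name in bad) && $2 == "on") print name, "xinetd"
        next
    }
    ($1 in bad) {
        levels = ""
        for (i = 2; i <= NF; i++) {
            split($i, kv, ":")
            # Only the multi-user runlevels 3, 4 and 5 are checked.
            if (kv[2] == "on" && kv[1] ~ /^[345]$/) levels = levels kv[1]
        }
        if (levels != "") print $1, "sysv", levels
    }'
}

# Turns audit findings into the chkconfig commands that disable them.
# The commands are only printed, so they can be reviewed before use.
remediation_commands() {
    while read -r name kind levels; do
        case "$kind" in
            sysv)   echo "chkconfig --level $levels $name off" ;;
            xinetd) echo "chkconfig $name off" ;;
        esac
    done
}

# On a real Red Hat style host: chkconfig --list | audit_services
sample_chkconfig_list | audit_services | remediation_commands
```
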