what needs to be running for server ftp web mysql

[fuckoffmicrosoft]

anacron Yes Run cron jobs that were left out due to downtime
 apmd Yes apmd is used for monitoring battery status and logging it via syslog(8). It can also be used for shutting down the machine when the battery is low.
 arpwatch No The arpwatch daemon attempts to keep track of ethernet/ip address pairings.
 atd Yes Runs commands scheduled by the at command at the time specified when at was run, and runs batch commands when the load average is low enough.
 autofs Yes Automounts filesystems on demand
 crond Yes cron is a standard UNIX program that runs user-specified programs at periodic scheduled times. vixie cron adds a number of features to the basic UNIX cron, including better security and more powerful configuration options.
 cups No Startup/shutdown script for the Common UNIX Printing System (CUPS).
 gpm Yes GPM adds mouse support to text-based Linux applications such the Midnight Commander. Is also allows mouse-based console cut-and-paste operations, and includes support for pop-up menus on the console.
 halt No
 
 httpd Yes Apache is a World Wide Web server. It is used to serve HTML files and CGI.
 identd No The identd server provides a means to determine the identity of a user of a particular TCP connection. Given a TCP port number pair, it returns a character string which identifies the owner of that connection on the server's system.
 ipchains Yes Automates a packet filtering firewall with ipchains.
 iptables Yes Automates a packet filtering firewall with iptables.
 isdn Yes start and stop ISDN services
 kdcrotate No Rotate the list of KDCs listed in /etc/krb5.conf
 keytable Yes This package loads the selected keyboard map as set in /etc/sysconfig/keyboard. This can be selected using the kbdconfig utility. You should leave this enabled for most machines.
 killall No
 
 kudzu Yes This runs the hardware probe, and optionally configures changed hardware.
 lpd Yes lpd is the print daemon required for lpr to work properly. It is basically a server that arbitrates print jobs to printer(s).
 mysqld Yes MySQL database server.
 netfs Yes Mounts and unmounts all Network File System (NFS), SMB (Lan Manager/Windows), and NCP (NetWare) mount points.
 network Yes Activates/Deactivates all network interfaces configured to start at boot time.
 nfs No NFS is a popular protocol for file sharing across TCP/IP networks. This service provides NFS server functionality, which is configured via the /etc/exports file.
 nfslock Yes NFS is a popular protocol for file sharing across TCP/IP networks. This service provides NFS file locking functionality.
 nscd No This is a daemon which handles passwd and group lookups for running programs and cache the results for the next query. You should start this daemon if you use slow naming services like NIS, NIS+, LDAP, or hesiod.
 ntpd No ntpd is the NTPv4 daemon.
 portmap Yes The portmapper manages RPC connections, which are used by protocols such as NFS and NIS. The portmap server must be running on machines which act as servers for protocols which make use of the RPC mechanism.
 radvd No radvd is the router advertisement daemon for IPv6. It listens to router solicitations and sends router advertisements as described in "Neighbor Discovery for IP Version 6 (IPv6)" (RFC 2461). With these advertisements hosts can automatically configure their addresses and some other parameters. They also can choose a default router based on these advertisements.
 random Yes Saves and restores system entropy pool for higher quality random number generation.
 rawdevices Yes This scripts assignes raw devices to block devices (such as hard drive partitions). This is for the use of applications such as Oracle. You can set up the raw device to block device mapping by editing the file /etc/sysconfig/rawdevices.
 rhnsd Yes This is a daemon which handles the task of connecting periodically to the Red Hat Network servers to check for updates, notifications and perform system monitoring tasks according to the service level that this server is subscribed for  
 sendmail Yes Sendmail is a Mail Transport Agent, which is the program that moves mail from one machine to another.
 single No
 
 snmpd No Simple Network Management Protocol (SNMP) Daemon
 snmptrapd No Simple Network Management Protocol (SNMP) Trap Daemon
 sshd Yes OpenSSH server daemon
 syslog Yes Syslog is the facility by which many daemons use to log messages to various system log files. It is a good idea to always run syslog.
 vncserver No Starts and stops vncserver. used to provide remote X administration services.
 webmin Yes Start or stop the Webmin server
 xfs Yes Starts and stops the X Font Server at boot time and shutdown. It also takes care of (re-)generating font lists.
 xinetd Yes xinetd is a powerful replacement for inetd. xinetd has access control machanisms, extensive logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, among other things.
 ypbind No This is a daemon which runs on NIS/YP clients and binds them to a NIS domain. It must be running for systems based on glibc to work as NIS clients, but it should not be enabled on systems which are not using NIS.
 yppasswdd No yppasswdd is the RPC server that lets users change their passwords in the presence of NIS (a.k.a. YP). It must be run on the NIS master server for that NIS domain. The client program is knwon as yppasswd in most cases.
 ypserv No ypserv is an implementation of the standard NIS/YP networking protocol. It allows network-wide distribution of hostname, username, and other information databases. This is the NIS server, and is not needed on NIS clients.
 ypxfrd No ypxfrd should be started in addition to ypserv to accelerate transferring yp maps.
 /etc/rc.d/rc.local Yes
 

[ October 01, 2002: Message edited by: fuckoffmicrosoft ]

[voidmain]

Huh? What's all this about?

[fuckoffmicrosoft]

thats my running processes and i dont know what needs to be running and what dont. Im usin this for server

[voidmain]

Ok, first of all could I get you to go edit your first post and remove everything between the CODE brackets so it doesn't screw up the formatting of this thread?

Now let's take it a step at a time and we'll get you going. What distro are you running?

[fuckoffmicrosoft]

redhat 7.3

[voidmain]

Thank you sir. Now I assume based on the title of this thread that you would like to set up an "anonymous" FTP server, and a web server (with PHP and MySQL support).

The first thing you want to do is make sure you have the appropriate software installed. We'll start with FTP. RedHat comes with wu-ftp by default but proftpd is a very good (if not better) FTP server, we'll use wu-ftp since that is what you have. Open a shell and become root (su -). Type:

# rpm -qa | grep ftp

You should see "wu-ftpd" and "anonftp" in the list. If you do not, stick your RedHat 7.3 disc 2 in your CD drive and type:

# mount /mnt/cdrom
# cd /mnt/cdrom/RedHat/RPMS
# rpm -Uvh wu-ftpd*
# rpm -Uvh anonftp*

Then type:
# /sbin/chkconfig wu-ftpd on
# /sbin/service xinetd reload

to set it to start automatically at bootup and to refresh xinetd so it will be available now. You should now be able to log into your server via ftp using the "anonymous" userID. By default noone will have write access to the directories you get when you log on anonymously. You can change that by manipultating the wu-ftpd configuration files, most importantly /etc/ftpaccess (see "man ftpaccess" for more info).

Now for your web server. Make sure you have apache, mysql, and php installed:

# rpm -qa | grep apache

You should get at least "apache" in your list. Optionally you can install "apache-conf" which is a graphical utility to configure apache with (I don't use it, but opt for manually editing the config files).

If not, install the "apache*" RPMS from your RedHat CDs in the same manner we did with FTP.

Now make sure you have MySQL installed:

# rpm -qa | grep mysql

You should have "mysql" and "mysql-server" in your list, if not, install them from the CDs.

Now PHP:

# rpm -qa | grep php

You should have at least "php" and "php-mysql" in your list, if not install them.

Now, make sure mysql and apache are set to start at bootup and start them now:

# /sbin/chkconfig mysqld on
# /sbin/service mysqld start
# /sbin/chkconfig httpd on
# /sbin/service httpd start

Now you should have everything running that you want. You may want to make some configuration changes.

The anonymous FTP server root directory is /var/ftp (put files for people to download under /var/ftp/pub). The Apache default web root directory is /var/www/html, change your web site under that directory.

This is the basics. It does in no way account for making your server secure if you plan on making it publicly available on the internet. Things I do to secure my servers are to turn off all unneccessary services. To see what is currently turned on do a "/sbin/chkconfig --list | grep on". I also make sure all relevent packages are up to date with all the latest security fixes. I also make sure I don't insecurely configure any of my services that I do run.

You can optionally set up iptables for firewalling but if everything is configured and updated it really isn't necessary unless you want to block specific addresses or networks, or log suspicious activity. There are other apps you can install to detect intrusion attempts etc but we'll leave this until after you get your system running the way you want.

Hope this helps.

[fuckoffmicrosoft]

what is the services that need to be running that is question should have been more specific.Is there a log that will tell me?

[voidmain]

I just told you in my instructions. For MySQL it's "mysqld", for Apache it's "httpd". wu-ftpd does not run as a service but is spawned by the inetd (xinetd) super server.

[fuckoffmicrosoft]

Ahh ahh here we go

http://jeujeu.ath.cx/New%20Text%20Document.txt

[fuckoffmicrosoft]

HEHE your posting faster than i can

ok so everything but iptaples,xinetd,mysqld,httpd

[voidmain]

There are a lot of things in that list that should be turned off. If it would be my machine I would turn off:

sendmail (unless you are using the machine as an SMTP server)
netfs
ipchains
lpd
portmap
rhnsd
autofs
nfslock
isdn


The rest I would leave on. I also would not run X on the machine if it is a server (change the initdefault from 5 to 3 in /etc/inittab, then type "init 3").

Everything else I would leave on.

[Master of Reality]

i was gonna post this exact same quesiton last night (almost the same) but i got distracted by porno.

[fuckoffmicrosoft]

THANX MAN This has got to be the best linux site ever

[Master of Reality]

well.... i got a hell of a lot of things running that wasnt posted up there.
Can anyone tell me what they are??:
(i left out the things like httpd, mysql, proftp, and the necassary ones)
  PID TTY          TIME CMD
    2 ?        00:00:00 keventd
    3 ?        00:00:00 kapmd
    4 ?        00:00:00 ksoftirqd_CPU0
    5 ?        00:00:01 kswapd
    6 ?        00:00:00 bdflush
    7 ?        00:00:00 kupdated
    8 ?        00:00:00 mdrecoveryd
   12 ?        00:00:01 kjournald
   91 ?        00:00:00 khubd
  477 ?        00:00:00 dhcpcd
  631 ?        00:00:00 klogd
  983 ?        00:00:00 unlinkd

[ October 01, 2002: Message edited by: The Master of Reality / Bob ]

[voidmain]

Now that you have everything up and running, make a trip to RedHat's web site and look at the errata section under support. You'll probably want to upgrade your "php", "openssl", and your "ssh" packages. Also look to see if there are any updates for "apache" and "wu-ftpd".

If you don't plan exposing this machine directly to the internet then I wouldn't worry so much about updating the packages, or turning off extra services for that matter.

If your machine is exposed to the internet it is wise to keep an eye on RedHat's errata, and subscribe to the CERT mailing list (from cert.org) so you will be notified of any new vulnerabilities immediately.

[ October 01, 2002: Message edited by: void main ]