Mar 092014

Lets check to see what services are running on the system using the following commands.

[[email protected]]# ps ax
Sample Output


    2 ?        S      0:00 [kthreadd]
    3 ?        S      0:00  \_ [migration/0]
    4 ?        S      0:09  \_ [ksoftirqd/0]
    5 ?        S      0:00  \_ [migration/0]
    6 ?        S      0:24  \_ [watchdog/0]
    7 ?        S      2:20  \_ [events/0]
    8 ?        S      0:00  \_ [cgroup]
    9 ?        S      0:00  \_ [khelper]
   10 ?        S      0:00  \_ [netns]
   11 ?        S      0:00  \_ [async/mgr]
   12 ?        S      0:00  \_ [pm]
   13 ?        S      0:16  \_ [sync_supers]
   14 ?        S      0:15  \_ [bdi-default]
   15 ?        S      0:00  \_ [kintegrityd/0]
   16 ?        S      0:49  \_ [kblockd/0]
   17 ?        S      0:00  \_ [kacpid]
   18 ?        S      0:00  \_ [kacpi_notify]
   19 ?        S      0:00  \_ [kacpi_hotplug]
   20 ?        S      0:00  \_ [ata_aux]
   21 ?        S     58:46  \_ [ata_sff/0]
   22 ?        S      0:00  \_ [ksuspend_usbd]
   23 ?        S      0:00  \_ [khubd]
   24 ?        S      0:00  \_ [kseriod]

Now, let’s  look at the processes accepting connection (ports) using the netstat command:

[[email protected]]# netstat -lp
Sample Output
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 *:31138                     *:*                         LISTEN      1485/rpc.statd      
tcp        0      0 *:mysql                     *:*                         LISTEN      1882/mysqld         
tcp        0      0 *:sunrpc                    *:*                         LISTEN      1276/rpcbind        
tcp        0      0 *:ndmp                      *:*                         LISTEN      2375/perl           
tcp        0      0 *:webcache                  *:*                         LISTEN      2312/monitorix-http 
tcp        0      0 *:ftp                       *:*                         LISTEN      2174/vsftpd         
tcp        0      0 *:ssh                       *:*                         LISTEN      1623/sshd           
tcp        0      0 localhost:ipp               *:*                         LISTEN      1511/cupsd          
tcp        0      0 localhost:smtp              *:*                         LISTEN      2189/sendmail       
tcp        0      0 *:cbt                       *:*                         LISTEN      2243/java           
tcp        0      0 *:websm                     *:*                         LISTEN      2243/java           
tcp        0      0 *:nrpe                      *:*                         LISTEN      1631/xinetd         
tcp        0      0 *:xmltec-xmlmail            *:*                         LISTEN      2243/java           
tcp        0      0 *:xmpp-client               *:*                         LISTEN      2243/java           
tcp        0      0 *:hpvirtgrp                 *:*                         LISTEN      2243/java           
tcp        0      0 *:5229                      *:*                         LISTEN      2243/java           
tcp        0      0 *:sunrpc                    *:*                         LISTEN      1276/rpcbind        
tcp        0      0 *:http                      *:*                         LISTEN      6439/httpd          
tcp        0      0 *:oracleas-https            *:*                         LISTEN      2243/java         

In the above output, you notice that some of the applications you may not needed on your server but they are still running as follows:

1. smbd and nmbd

smbd and nmbd are daemon of Samba Process. Do you really need to export smb share on windows or other machine. If not! why are these processes running? You can safely kill these processes and disable them from starting automatically when machine boots the next time.

2. Telnet

Do You need bidirectional interactive text-oriented communication over internet or local area network? If not! kill this process and turn-off it from starting at booting.

3. rlogin

Do you need to log in to another host over network. If not! Kill this process and disable it from starting automatically at boot.

4. rexec

The Remote Process Execution aka rexec lets you execute shell commands on a remote computer. If you don’t require to execute shell command on a remote machine, simply kill the process.

5. FTP

Do you need to transfer files from one host to another host over Internet? If not you can safely stop the service.

6. automount

Do you need to mount different file systems automatically to bring up network file system? If not! Why is this process running? Why are you letting this application to use you resource? Kill the process and disable it from starting automatically.

7. named

Do you need to run NameServer (DNS)? If not what on earth is compelling you to run this process and allow eating up your resources. Kill the running process first and then turn-off it from running it at boot.

8. lpd

lpd is the printer daemon which makes it possible to print to that server. If you don’t need to print from the server chances are your system resources are being eaten up.

9. Inetd

Are you running any inetd services? If you are running stand alone application like ssh which uses other stand alone application like Mysql, Apache, etc. then you don’t need inetd. better kill the process and disable it starting next time automatically.

10. portmap

Portmap which is an Open Network Computing Remote Procedure Call (ONC RPC) and usages daemon rpc.portmap and rpcbind. If these Processes are running, means you are running NFS server. If NFS server is running unnoticed means your system resources are being used up un-necessarily.

How to Kill a Process in Linux

In order to kill a running process in Linux, use the ‘Kill PID‘ command. But, before running Kill command, we must know the PID of the process. For example, here I want to find a PID of ‘cupsd‘ process.

[[email protected]]# ps ax | grep cupsd

1511 ?        Ss     0:00 cupsd -C /etc/cups/cupsd.conf

So, the PID of ‘cupsd‘ process is ‘1511‘. To kill that PID, run the following command.

[[email protected]]# kill -9 1511

How to Disable a Service in Linux

In Red Hat based distributions such as Fedora and CentOS, we will use a script called ‘chkconfig‘ to enable and disable the running services in Linux.

For example, lets disable the Apache web server at the system startup.

[[email protected]]# chkconfig httpd off
[[email protected]]# chkconfig httpd --del

In Debian based distributions such as Ubuntu, Linux Mint and other Debian based distributions, use a script called update-rc.d.

For example, to disable the Apache service at the system startup execute the following command. Here ‘-f’ option stands for force.

[[email protected]]# update-rc.d -f apache2 remove

After making these changes, The system next time will boot without these unnecessary processes.

Share This!
 Posted by at 10:29 am

Sorry, the comment form is closed at this time.