On a linux server (and most other server environments) the purpose is to provide services to clients. Many times, the server administrator want to make sure that their server doesn't have any other services running that shouldn't be.
For example, if you have a Linux VPS meant specifically for hosting a website, you shouldn't have any random services running that wouldn't be related to running your website or managing your server.
There are a few ways to check what's running in the background, depending on the information we are looking for. Below, we'll list out a few ways to check what services your linux server is providing:
Netsat - Checking open TCP/UDP Ports:
- Connect to your server via SSH
- Install the 'netstat' package if it isn't already installed
- run the following: netstat -tulpn
- See the following example output:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 875/zabbix_agentd
tcp 0 0 0.0.0.0:2200 0.0.0.0:* LISTEN 777/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 856/master
tcp 0 0 :::10050 :::* LISTEN 875/zabbix_agentd
tcp 0 0 :::2200 :::* LISTEN 777/sshd
With the above, we can see that there are ports open for a Zabbix agent, Mail service and the SSH service
SysVinit Systems
- Connect to your server via SSH
- # service --status-all
- An example of the output:
acpid is stopped
auditd (pid 721) is running...
crond (pid 891) is running...
filebeat-god (pid 909) is running...
ip6tables: Firewall is not running.
iptables: Firewall is not running.
netconsole module not loaded
Configured devices:
lo eth0
Currently active devices:
lo eth0
master (pid 856) is running...
rdisc is stopped
rsyslogd (pid 743) is running...
sandbox is stopped
saslauthd is stopped
openssh-daemon (pid 777) is running...
xinetd is stopped
zabbix_agentd (pid 875) is running...
From the above, we fcan see that other installed service are stopped while SSH, The Zabbix Agent and a few others are running. Note this output doesn't show port numbers for the respected service however it shows other services running on the server that aren't accessed via the Internet.
Systemd Systems
- Connect to your server via SSH
- # systemctl list-units --type service
- An example of the output:
UNIT LOAD ACTIVE SUB DESCRIPTION
atop.service loaded active running Atop advanced performance monitor
auditd.service loaded active running Security Auditing Service
chronyd.service loaded active running NTP client/server
crond.service loaded active running Command Scheduler
dbus.service loaded active running D-Bus System Message Bus
filebeat.service loaded active running filebeat
[email protected] loaded active running Getty on tty1
● kdump.service loaded failed failed Crash recovery kernel arming
lvm2-lvmetad.service loaded active running LVM2 metadata daemon
lvm2-monitor.service loaded active exited Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling
mdmonitor.service loaded active running Software RAID monitoring and management
network.service loaded active exited LSB: Bring up/down networking
polkit.service loaded active running Authorization Manager
pure-ftpd.service loaded active running Pure-FTPd FTP server
rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg
rhel-readonly.service loaded active exited Configure read-only root support
rsyslog.service loaded active running System Logging Service
smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon
sshd.service loaded active running OpenSSH server daemon
systemd-fsck-root.service loaded active exited File System Check on Root Device
[email protected] loaded active exited File System Check on /dev/md3
systemd-journal-flush.service loaded active exited Flush Journal to Persistent Storage
systemd-journald.service loaded active running Journal Service
systemd-logind.service loaded active running Login Service
systemd-random-seed.service loaded active exited Load/Save Random Seed
systemd-readahead-collect.service loaded active exited Collect Read-Ahead Data
systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems
systemd-sysctl.service loaded active exited Apply Kernel Variables
systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev
systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories
systemd-udev-trigger.service loaded active exited udev Coldplug all Devices
systemd-udevd.service loaded active running udev Kernel Device Manager
systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown
systemd-user-sessions.service loaded active exited Permit User Sessions
systemd-vconsole-setup.service loaded active exited Setup Virtual Console
tuned.service loaded active running Dynamic System Tuning Daemon
zabbix-agent.service loaded active running LSB: Start and stop Zabbix agent
Similar to the SysVinit method, it will list out all services running on the system - including both internet connected and local services. Again, similar to the SysVinit method, you won't see the port numbers associated with the internet connected services.
Conclusion
In this article, we've explored the various ways to check on the running services/daemons on your Linux system.
If you have any questions about this or any other article, please don't hesitate to contact us at [email protected]
