Guide to Server Security

Step 1 Finding the open ports on your system.
The first thing to do with your server is determine what is suppose to be running on your server.
You can run "ps axw" from the console to see what is running on your server.
The following is a snippip from "ps axw" on one of my servers
    1 ?        S      0:04 init [3] 
    2 ?        SW     0:00 [keventd]
    3 ?        SW     0:00 [kapm-idled]
    4 ?        SWN    0:00 [ksoftirqd_CPU0]
    5 ?        SW     0:00 [kswapd]
    6 ?        SW     0:00 [kreclaimd]
    7 ?        SW     0:00 [bdflush]
    8 ?        SW     0:00 [kupdated]
I will break down a line and show you what it means.
    1 ?        S      0:04 init [3] 
  • the PID or process id is "1" for this process,
  • the TTY or terminal that this process is running under is ? because its not running under a terminal but is a background process running on its own,
  • the STAT is the state of the program, S is sleeping, W means it has no resident pages, and N means its a low priority task. More information can be found doing "man ps",
  • TIME is the processor time used by the process,
  • and finally COMMAND is the program or process running. In this case it is the system init process running at level 3
What you are looking for here are process/programs running that your not aware of. You should know what each of these processes are and if they should be there. If you find one your in question about you should research it and determine if it is suppose to be running.
Previous Page Next Page

Created by Red Dragon for Red Dragon Enterprises™.
Red Dragon Enterprises™ © Dec 2001. All rights reserved.