hi,

i a want to harden my linux server and am having questions what certain process are good for. if they are neccessary i would at least you iptables to at least make them not visible to outside world.

my purposes: running apache, mysql (but localhost), remote login, mail, to outside world, that means: http, https, sshd,

Active Internet connections (listening)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost:2912 30562/php
tcp 0 0 *:993 5072/couriertcpd
tcp 0 0 *:995 5094/couriertcpd
tcp 0 0 *:3306 18393/mysqld
tcp 0 0 *:106 5112/xinetd
tcp 0 0 *:110 5084/couriertcpd
tcp 0 0 *:143 5053/couriertcpd
tcp 0 0 *:111 4954/portmap
tcp 0 0 *:8880 5803/httpsd
tcp 0 0 *:465 5112/xinetd
tcp 0 0 localhost:53 10496/named
tcp 0 0 *:21 5112/xinetd
tcp 0 0 localhost:5432 5697/postmaster
tcp 0 0 localhost:953 10496/named
tcp 0 0 *:25 5112/xinetd
tcp 0 0 *:8443 5803/httpsd
tcp 0 0 localhost:2911 30697/monit
tcp 0 0 *:80 27730/httpd2-prefor
tcp 0 0 *:22 5145/sshd
tcp 0 0 localhost:5432 5697/postmaster
tcp 0 0 *:443 27730/httpd2-prefor
udp 0 0 *:32939 10496/named
udp 0 0 localhost:53 10496/named
udp 136080 0 *:68 4750/dhcpcd
udp 0 0 *:111 4954/portmap
udp 0 0 *:123 5319/ntpd
udp 0 0 *:32940 10496/named
udp 0 0 *:123 5319/ntpd

main ports/processes i am a bit curious, whether to shut down or not:
ntpd (i am not using it as time server)
couriertcpd
named
monit
dhcpd (server should not be a router)
portmap

many thanks!