On Sat, August 29, 2015 3:56 pm, to...@tuxteam.de wrote: >> tcp 0 0 0.0.0.0:9999 0.0.0.0:* LIS 561/inetd > > As others noted: what's inetd doing on 9999? Do have a look at > its config files (somewhere in /etc/inetd.conf).
As I noted previously, port 9999 is the approx server; there is a line for it in /etc/inetd.conf: #:OTHER: Other services 9999 stream tcp nowait approx /usr/sbin/approx /usr/sbin/approx >> tcp 0 0 0.0.0.0:22 0.0.0.0:* LIS 568/sshd > > Common wisdom is to keep that (but to secure it properly, by disabling > root logins and possibly passwrd logins). Perhaps you can ssh into your > laptop should the UI become unresponsive for some reason (e.g. X botches > the graphics card but you still have some running programs you'd want to > finalize in an orderly mode). On the desktop, I do use "screen" over ssh to access another desktop, but I can do without ssh access to the laptop. >> tcp 0 0 127.0.0.1:631 0.0.0.0:* LIS 1248/cupsd > > Are you using your laptop as a print server? If not, the cups-client > package might be enough. Then should I unistall the cups-daemon and cups-server-common packages? >> tcp 0 0 127.0.0.1:5432 0.0.0.0:* LIS 675/postgres tcp >> 0 0 127.0.0.1:25 0.0.0.0:* LIS 1063/exim4 > > Database server, mail server. What are they doing? For postgres, > you could configure it to just serve over an UNIX domain socket, if the > only applications around connect locally. Your call. For exim4 (mail > server)... depends on your mail setup. I thought that I had left mail unconfigured, but perhaps not. >> tcp 0 0 127.0.0.1:2628 0.0.0.0:* LIS 599/0 > > Uh -- what is *this*? A process called "0"? Looks really strange > to me. 2628 turns out to be the port for the dictionary server; I am using localhost as the server. >> udp 0 0 192.168.1.99:123 0.0.0.0:* 664/ntpd udp 0 >> 0 127.0.0.1:123 0.0.0.0:* 664/ntpd udp 0 0 >> 0.0.0.0:123 0.0.0.0:* 664/ntpd >> > > Providing time services? No. I simply was trying to make the laptop synchronize its clock whenever it connects to the Internet. It appears that the package ntpdate is adequate for a laptop, and that is the package I should have installed; but I installed package ntp, which obviates the need for ntpdate. > I'd disable/uninstall many of those. OTOH, you might need them in other > settings, so firewalling them out might be the right choice (and a chance > to learn iptables :-) At this point, I think that I should make a fresh installation, keeping in mind the comments which you and others have made. RLH
