I’m no sysadmin, so please bear with me.
I’d need your advice on basic system settings and network security policy before I move onto storage configuration and connect any external storage disks.
Server version: F35 ARM Server
HW for test: R Pi 3B+
After I update the system for the first time, I recall there are hundreds of services updated in Cockpit. Services are activated by default without realizing it. I ran the following command in the Cockpit terminal. Not sure which are unwanted services that are exposed.
$ ss -ltpn
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 5 127.0.0.1:4330 0.0.0.0:*
LISTEN 0 511 127.0.0.1:6379 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:5355 0.0.0.0:*
LISTEN 0 64 127.0.0.1:34417 0.0.0.0:* users:((“cockpit-bridge”,pid=24082,fd=9))
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:44321 0.0.0.0:*
LISTEN 0 128 0.0.0.0:44322 0.0.0.0:*
LISTEN 0 128 0.0.0.0:44323 0.0.0.0:*
LISTEN 0 5 [::1]:4330 [::]:*
LISTEN 0 511 [::1]:6379 [::]:*
LISTEN 0 4096 [::]:5355 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:44321 [::]:*
LISTEN 0 128 [::]:44322 [::]:*
LISTEN 0 4096 :9090 :
LISTEN 0 128 [::]:44323 [::]:
I’m not sure if I can do all config in Cockpit’s graphical interface (network-manager)??
I don’t mind using the command line/script for fine-grained control. The built-in terminal in Cockpit is really handy.
Are the results of ss -ltpn above nothing to worry about?