Removing Unnecessary Software Packages (RPMs)
It is a good practice not to have development packages, desktop software packages (e.g. X Server) etc. installed on production servers. Other packages like FTP and Telnet daemons should not be installed as well unless there is a justified business reason for it (SSH/SCP/SFTP should be used instead).
One of the first action items should be to create a Linux image that only contains RPMs needed by the applications, and needed for maintenance and troubleshooting purposes.
A good approach is to start with a minimum list of RPMs and then add packages as needed. It may be time-consuming but worth the efforts.
To get a list of all installed RPMs you can use the following command:
If you want to know more about a particular RPM, run:
To check for and report potential conflicts and dependencies for deleting a RPM, run:
A very important step in securing a Linux system is to determine the primary function or role of the Linux server.
Leave a Reply
You must be logged in to post a comment.
