优化
apt-get -y purge apache2-* bind9-* xinetd samba-* nscd-* portmap sendmail-* sasl2-bin apt-get -y purge lynx memtester unixodbc python-* odbcinst-* sudo tcpdump ttf-* apt-get autoremove && apt-get clean
内容
多余的服务类软件(会自己启动,影响较大的):
apache2-* //apache服务器,我们一般自己重装或者换Nginx等等
bind9-* //dns服务器,我们一般不在自己VPS上搭建DNS服务器,果断卸掉
xinetd //xinetd是服务守护进程,比如平时ftp服务器未开启,发现有人访问21端口则自动启动ftp服务器。VPS不需要
samba-* //samba能让linux系统使用windows的共享功能,VPS显然不需要
nscd-* //DNS缓存软件,同bind9,不需要
portmap //端口转发,一般Web服务器不需要
sendmail-* //发送邮件用,一般程序都使用php-sendmail,不需要这个
sasl2-bin //一个权限程序,不光占用资源,还容易在建立系统账户时候出错,果断删掉
多余的系统组件(不会自启动,但是占用硬盘,也许还会造成冲突什么的):
lynx //文本浏览器,一般人系用不到滴~~
memtester //测试内存有没有坏,我没那么无聊……
unixodbc odbcinst-* //odbc数据库,主要给windows用,做网站一般用不到
python-* //大名鼎鼎的Python语言,如果正常玩linux很可能用到,但是Web服务器是用不到的
sudo //让授权过的普通用户获得root权限,VPS不需要
tcpdump //TCP抓包,你用么?
ttf-* //桌面环境用的字体,我们只要命令行……
优化
卸载不常用的东西
yum remove Deployment_Guide-en-US finger cups-libs cups ypbind yum remove bluez-libs desktop-file-utils ppp rp-pppoe wireless-tools irda-utils yum remove sendmail* samba* talk-server finger-server bind* xinetd yum remove nfs-utils nfs-utils-lib rdate fetchmail eject ksh mkbootdisk mtools yum remove syslinux tcsh startup-notification talk apmd rmt dump setserial portmap yp-tools yum groupremove "Mail Server" "Games and Entertainment" "X Window System" "X Software Development" yum groupremove "Development Libraries" "Dialup Networking Support" yum groupremove "Games and Entertainment" "Sound and Video" "Graphics" "Editors" yum groupremove "Text-based Internet" "GNOME Desktop Environment" "GNOME Software Development"
禁用 seLinux
sestatus #先执行看seLinux状态,如果不是disabled,就需要执行下面步骤,否则不要执行 vi /etc/selinux/config SELINUX=disabled #禁用SeLinux SELINUX=enforcing #使用SeLinux
禁止IPV6
vi /etc/modprobe.conf #打开文件,把下面两行加到最后 alias net-pf-10 off alias ipv6 off
禁止无用服务
#! /bin/bash service acpid off service atd stop service auditd stop service avahi-daemon stop service avahi-dnsconfd stop service bluetooth stop service conman stop service cpuspeed stop service cups stop service dnsmasq stop service dund stop service firstboot stop service hidd stop service httpd stop service ibmasm stop service ip6tables stop service irda stop service kdump stop service lm_sensors stop service mcstrans stop service messagebus stop service microcode_ctl stop service netconsole stop service netfs stop service netplugd stop service nfs stop service nfslock stop service nscd stop service ntpd stop service oddjobd stop service pand stop service pcscd stop service portmap stop service psacct stop service rdisc stop service restorecond stop service rpcgssd stop service rpcidmapd stop service rpcsvcgssd stop service saslauthd stop service sendmail stop service setroubleshoot stop service smb stop service vncserver stop service winbind stop service wpa_supplicant stop service xfs stop service ypbind stop service yum-updatesd stop chkconfig acpid off chkconfig atd off chkconfig auditd off chkconfig avahi-daemon off chkconfig avahi-dnsconfd off chkconfig bluetooth off chkconfig conman off chkconfig cpuspeed off chkconfig cups off chkconfig dnsmasq off chkconfig dund off chkconfig firstboot off chkconfig hidd off chkconfig httpd off chkconfig ibmasm off chkconfig ip6tables off chkconfig irda off chkconfig kdump off chkconfig lm_sensors off chkconfig mcstrans off chkconfig messagebus off chkconfig microcode_ctl off chkconfig netconsole off chkconfig netfs off chkconfig netplugd off chkconfig nfs off chkconfig nfslock off chkconfig nscd off chkconfig ntpd off chkconfig oddjobd off chkconfig pand off chkconfig pcscd off chkconfig portmap off chkconfig psacct off chkconfig rdisc off chkconfig restorecond off chkconfig rpcgssd off chkconfig rpcidmapd off chkconfig rpcsvcgssd off chkconfig saslauthd off chkconfig sendmail off chkconfig setroubleshoot off chkconfig smb off chkconfig vncserver off chkconfig winbind off chkconfig wpa_supplicant off chkconfig xfs off chkconfig ypbind off chkconfig yum-updatesd off 这个你可以自己复制运行也可以做成 Shell
