Don't use the following insecure services. Most of these services
are enabled or disabled from linuxconf,
/etc/xinetd.d/* or /etc/inetd.conf.
rsh (remots shell)
rlogin (remote login)
finger (who really needs to know who is logged into your computer
from another computer? You can always use w)
sendmail (smtp) (sendmail should only be run on e-mail servers)
snmp (Simple Network Management Protocol)
If you need telnet, rsh, rlogin, consider using ssh instead.
If you need to close port 6000 (X11 ports), you can usually close
them if you use "-nolisten tcp" option when the X server is started.
There are many locations and ways to start the X server. If you are
using Gnome, you can edit /etc/X11/gdm/gdm.conf and make the following
changes:
If a web server is installed, at least change the default web page
to something useful. It makes it easier to determine if web server needs
to be running.
You probably don't need the anonymous account enabled FTP (when FTP
needs to be enabled). Make sure the anonymous account is disabled.
You can use "netstat -atu" to see what TCP and UDP
ports are open and available to the network on your computer.
Occasionally look at the OS logs, which are typically in
/var/log/messages