DEV Community

Faruk
Faruk

Posted on • Originally published at Medium

Why I Never Trust Pre-Installed Packages on Linux or Ubuntu Servers | by Faruk Ahmed | Jun, 2025

Member-only story

Why I Never Trust Pre-Installed Packages on Linux or Ubuntu Servers

--

Share

When I spin up a fresh server, the first thing I do?

I uninstall things.

That might sound paranoid. But experience (and audits) taught me:

“Default isn’t always safe.”

“Default isn’t always safe.”

Here’s why pre-installed packages can silently weaken your server security — and what I do instead.

🧨 Problem #1: Bloat You Didn’t Ask For

On many Ubuntu cloud images or even some Linux VPS setups, you’ll find:

  • snapd installed (often unused and outdated)
  • Web servers like apache2 quietly running
  • Monitoring agents or telemetry tools

These packages increase attack surface — especially if you don’t patch them (because you didn’t know they were there).

✅ Fix:

sudo apt remove apache2 snapd landscape-common
Enter fullscreen mode Exit fullscreen mode

🕵️ Problem #2: Services Running in Background

Try this:

sudo ss -tulpn
Enter fullscreen mode Exit fullscreen mode

I once found an old rsync daemon active from a template image — wide open to the internet.


👉 Read Full Blog on Medium Here

Top comments (0)