Faruk

Posted on • Originally published at Medium

Why I Never Trust Pre-Installed Packages on Linux or Ubuntu Servers | by Faruk Ahmed | Jun, 2025


Intro

When spinning up a fresh Ubuntu or Linux server, it’s easy to assume that what comes “pre-installed” is safe. But in my experience, that’s a dangerous assumption. I’ve learned (sometimes the hard way) that default packages — whether from the OS image or hosting provider — can introduce risk, bloat, or even hidden vulnerabilities.

In this blog, I’ll explain why I audit every fresh install, what I check, and how I trim unnecessary packages without breaking essential functionality.

1. Hosting Providers Often Add Unwanted Extras

Many cloud providers (especially shared or VPS ones) bake in tools or agents you didn’t ask for — monitoring agents, backup tools, analytics, or even remote support services.

✅ Check what’s running:

sudo ps aux --sort=-%mem | head -20
sudo systemctl list-units --type=service

2. Hidden Backdoors Are Rare… But Not Impossible

Even well-known distributions sometimes come with risky defaults. For example, telnet, ftp, or older versions of openssl can still be present in legacy images.
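
An added example, not from the original post: a small filter that flags the legacy cleartext tools named above in a package inventory and surfaces the installed openssl version for manual review. The daemon entries in the watch list, the function names and the sample inventory are assumptions made for this example.

```bash
#!/bin/sh
# Added example: audit a Debian/Ubuntu package inventory for legacy cleartext tools.
# On a real host, feed it the live inventory:
#   dpkg-query -W -f='${Package}\t${Version}\n' | audit_packages

# Assumed watch list: telnet and ftp come from the text; the daemon packages are additions.
RISKY_PACKAGES="telnet telnetd inetutils-telnet ftp vsftpd"

# Reads "name<TAB>version" lines on stdin and prints one tab-separated finding per line.
audit_packages() {
    awk -F '\t' -v risky="$RISKY_PACKAGES" '
        BEGIN { n = split(risky, r, " "); for (i = 1; i <= n; i++) watch[r[i]] = 1 }
        NF < 2 { next }                          # skip blank or malformed lines
        { name = $1; sub(/:.*/, "", name) }      # drop a multiarch suffix such as ":amd64"
        name in watch     { printf "REMOVE-CANDIDATE\t%s\t%s\n", name, $2 }
        name == "openssl" { printf "CHECK-VERSION\t%s\t%s\n", name, $2 }
    '
}

# Constructed sample inventory (not taken from a real image) so the script runs offline.
sample_inventory() {
    printf '%s\t%s\n' \
        bash 5.1-6 \
        telnet 0.17-44 \
        openssl 1.1.1f-1 \
        ftp 0.17-34 \
        openssh-server 1:8.9p1-3
}

sample_inventory | audit_packages
```

Before purging a REMOVE-CANDIDATE, a simulated removal with `apt-get -s remove <name>` shows what else would be removed with it.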

