Network Services and Daemons

Modern Linux systems rely on a wide range of background services to provide networking, security, logging, and automation. This module introduces the concept of network services and daemons, explaining how they work together to deliver reliable and scalable functionality on multi-user systems.

Although many legacy UNIX concepts still influence today’s platforms, modern Linux distributions now emphasize service managers, secure protocols, and event-driven startup models. Understanding these fundamentals is essential for administering networked systems securely and efficiently.

By the end of this module, you will be able to:

1. Describe the functional differences between TCP and UDP network services
2. Explain the role of the /etc/services file and well-known port numbers
3. Understand how services are started, supervised, and monitored on modern Linux systems
4. Identify common network services and safely test connectivity using contemporary tools

What Is a Daemon?

In multitasking operating systems, a daemon is a long-running background process that performs a specific function without direct user interaction. Daemons typically start at system boot and remain active to respond to events such as network requests, hardware changes, or scheduled tasks.

By convention, many daemon names historically ended with the letter d, indicating their background role. Common examples include:

• sshd — handles incoming Secure Shell (SSH) connections
• systemd-journald — manages system logging
• cron — executes scheduled jobs

In traditional UNIX systems, daemons were often adopted by the init process after being spawned and detached from any controlling terminal. Modern Linux systems now use service managers such as systemd, which provide dependency tracking, automatic restarts, logging integration, and fine-grained service control.

Beyond networking, daemons are responsible for tasks such as device management, time synchronization, monitoring, and automation—making them foundational to system stability.

Network Services in Context

A network service is a daemon that listens on a specific port and responds to requests using a defined protocol. Each service is typically associated with a transport protocol—most commonly TCP or UDP—and a well-known port number.

The /etc/services file provides a standardized mapping between service names and port numbers. While modern applications often hard-code ports internally, this file remains an important reference for administrators and diagnostic tools.

Security considerations are central to service design today. Legacy cleartext protocols such as Telnet and FTP are deprecated and should be replaced with encrypted alternatives such as SSH, SFTP, or FTPS. Likewise, obsolete cryptographic algorithms have been replaced with modern encryption and hashing standards.

The Internet Super-Server (Historical Context)

Earlier UNIX systems used a centralized service dispatcher known as the Internet daemon, or inetd. Rather than running many services continuously, inetd listened for incoming requests and launched the appropriate service on demand.

A typical startup script on older systems resembled:

/etc/rc2.d/S72inetsvc

Service definitions were stored in /etc/inetd.conf, allowing administrators to enable or disable services from a single configuration file. An example legacy entry appears below:

ftp  stream  tcp6  nowait  root  /usr/sbin/in.ftpd  in.ftpd

Modern systems have largely replaced inetd with more robust frameworks such as xinetd or native service managers like systemd. These tools offer improved security controls, logging, and resource management while maintaining compatibility with on-demand service activation.

Understanding inetd remains useful when maintaining legacy systems or interpreting older documentation, but production environments should rely on contemporary service management practices.