Use netstat to find listening sockets. This is useful when you want to see what services are running. It is generally a good idea to have a minimum number of services running in order to maintain as small an attack surface as possible to external clients. It also provides some benefit to cpu utilization and scheduling.
-n shows ports as numbers, -p shows the program id (PID), -l shows listening sockets only
~# netstat -npl Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 493/sshd tcp6 0 0 :::22 :::* LISTEN 493/sshd udp 0 0 0.0.0.0:32258 0.0.0.0:* 468/dhclient udp 0 0 0.0.0.0:68 0.0.0.0:* 468/dhclient udp6 0 0 :::22679 :::* 468/dhclient
Another way to determine what services are operational is through the use of a variant of the systemctl command:
~# systemctl list-unit-files --type=service | grep enabled anacron-resume.service enabled anacron.service enabled bluetooth.service enabled cron.service enabled dbus-org.bluez.service enabled getty@.service enabled rsyslog.service enabled ssh.service enabled sshd.service enabled syslog.service enabled systemd-timesyncd.service enabled
Unwanted services can be disabled with:
systemctl disable service_name
Collecting Ubuntu Linux System Information is an article with many interesting commands for obtaining system information. Most commands are also applicable to Debian.