Debian developers take system security seriously. Many daemon services are
installed with the fewest services and features enabled.
Run ps aux or check the contents of /etc/init.d/* and
/etc/inetd.conf, if you have any doubts (about Exim, DHCP, ...).
Also check /etc/hosts.deny as in Restricting logins with PAM, Section
9.2.1. The pidof command is also useful (see