Linux Server Security Solution

There are many things worth learning about linux servers. Here we mainly introduce the security issues of linux servers, including preventive measures.

We all know that enterprise information is often stored on servers, but there are inevitable security risks on servers that may concern our network administrators. How can we eliminate these risks and prevent them with ease? The following is a brief introduction to Linux server security.

Boot appears after the Linux server is started: when prompted, use a special command, such as Linuxsingle or Linux 1, to enter the Single-User mode ). This command is very useful, such as forgetting the root password. Restart the system and enter Linux single (or Linux 1) at the boot prompt. After a Super User enters the system, edit the Passwd file and remove x from the root line.

Countermeasure:
Log on to the system as the root user, edit the/etc/inittab file, change the id: 3: initdefault settings, and add an additional row (as shown below) to the file ), when the system restarts and enters the single-user mode, the system prompts you to enter the Super User Password:
S: walt:/sbin/sulogin
Then run the command/sbin/init q to make the setting take effect.
Transmit dangerous parameters to the core at system startup
The most common boot loader tool in Linux is LILO, which manages the startup system (which can be added to other partitions and operating systems ). However, some illegal users may casually start Linux or pass dangerous parameters to the core at system startup, which is also quite dangerous.

Countermeasure:
Edit the file/etc/lilo. conf: add the restricted parameter to it. This parameter must be used together with the password parameter to be discussed below, indicating that at boot: prompt, when some parameters are passed to the Linux kernel, enter the password.
The password parameter can be used together with restricted or separately.
Used Together with restricted: the password is required only when the Kernel Parameter needs to be passed during startup. In normal (default) mode, the password is not required, pay attention to this 1.1.
Used independently (not used together with restricted): indicates that no matter what startup mode is used, a password is always required for Linux. If there is no password, there is no way to start Linux, in this case, the security level is higher, which is equivalent to adding another layer of defense measures to the periphery. Of course there are also disadvantages-you cannot remotely restart the system unless you add the restricted parameter. Because the password is plaintext and is not encrypted, the/etc/lilo. conf file must be set to only readable by the Super User. You can use the following command to set the password:
Chmod 600/ietc/lilo. conf
Then run the following command:
/Sbin/lilo-V, write it to boot sector, and make this change take effect.
To enhance the security of the/etc/liIo. conf file, you can also set this file as an unchangeable attribute. You can run the following command:
Chattr 10 I/etc/lilo. conf. If you want to modify the/etc/liIo. conf file in the future, use the chattr-I/etc/lilo. conf command to remove this attribute. Using the Ctrl + Alt + Del key combination to restart is very important and easy to ignore. If an illegal user can access the server's keyboard, you can press Ctrl + AIt + Del to restart your server.

Countermeasure:
Edit the/etc/inittab file and add notes to ca: ctrlaltdel:/sbin/shutdown-t3-r now ### ca: ctrlaltdeI:/sbin/shutdown-t3-r now.
Then run the following command:
/Sbin/init q to make this change take effect.
The above are the methods for preventing Linux server security risks. If you have any better methods or skills, please post on our China Security Information Network Forum (BBS. HACKER. CN.

1. Analyze the differences between the linux make command and Makefile
2. Linux script Shell command
3. Who command for viewing serialization in linux Process
4. Commands for normal shutdown in linux
5. Linux FTP server access permission collector