System security Knowledge

Some simple changes in Linux

1, change the login prompt

[Email Protected]╭ァ rain throb ~]# VIM/ETC/MOTD

Add the words you want to prompt in this file and save them after you've finished modifying them.

Such as:

Last Login:thu Mar to 06:15:51 from 192.168.1.119

Welcome to LOGIN!!! Warm reminder: The data is priceless, cautious operation ~ ~ ~

[Email Protected]╭ァ rain throb ~]$

Of course, this display method can also be changed/etc/ssh/sshd_config

[Email Protected]╭ァ rain throb ~]# vim/etc/ssh/sshd_config

Join Banner/usr/local/src/welcome.txt on the last line

One of the Welcome.txt is your pre-defined file, the inside of the class is also your own writing, under which directory, write which absolute road strength

2,history command

All records of this command are saved in the. bash_history file in your user directory

By default, history does not show the time of the user Action command, but modifying the file allows the date to be displayed

[Email Protected]╭ァ rain throb ~]# vim/etc/ssh/sshd_config

histfilesize=4000 #命令的记录总数, saved in. bash_history

histsize=4000 #记录输出的总数

histtimeformat= '%F%T ' #定义时间的显示

Export Histtimeformat #作为history的时间变量将值传递给history

The following modifications are completed:

994 2016-03-31 06:22:57vim/etc/ssh/sshd_config

995 2016-03-31 06:31:55VIM/ETC/BASHRC

996 2016-03-31 06:36:11history

In general I will back up the. bash_history file, and if hacked and he deletes the file, it's not going to know anything.

3,tcp_wrappers

Tcp_wrappers is a software used to analyze the TCP/IP encapsulation package

Configuration file in/etc/hosts.allow/etc/hosts.deny

The service in the system can not use the Tcp_wrappers firewall, depending on whether the service has a libwrapped library file, if the application can use

Set format

Service:host (s) [: Action]

Service Representative Services

Host hostname or IP address

Action actions, what to do when you meet the criteria

Such as:

All:all EXCEPT 192.168.1.119

Only allow 192.168.1.119 access, everything else is rejected

If you want to allow 192.168.1.10

Modify the file and join in the last line

[Email Protected]╭ァ rain throb ~]# Vim/etc/hosts.allow

sshd:192.168.1.10

By default, the system will look at the conditions in the/etc/hosts.allow file before you see the conditions in the/etc/hosts.deny

4,chattr and Lsattr

Lock system-critical files

chattr [-RV] [-v version] [mode] file or directory

-R recursively modify all files or directories

-V Displays the changes in detail and prints the output

The mode section is used to control the properties of the file, and the common parameters are

+ On the basis of the original parameter setting, append the parameter

-Remove parameters based on the original parameter setting

= Update to specified parameter

A append, after setting this parameter, you can only add data to the file, not remove

C Compress, set whether the file is compressed and then stored, read the need to go through the automatic decompression file

I immutable, the file can not be modified, deleted, renamed, set the connection, and can not write data or new content, etc.

s safely delete files or directories and reclaim disk space after deleting files

If you delete a file or directory, the system retains its data block so that you can recover the file later

lsattr [-adirvv] File or directory

-a lists all files in the directory, including the "." The file that starts with

-D Displays the specified directory properties

-R lists all files and subdirectories and attribute values in the directory recursively

-V Show file or directory version

Such as:

Chattr-r +i/etc/passwd

Chattr +a/var/log/message

This article is from the "Sunshineboy" blog, make sure to keep this source http://sunshineboy.blog.51cto.com/10310940/1765418

System security Knowledge