systems;● File System server superuser.
For legal users, there is almost no difference between accessing confidential files and accessing common files.
Security Audit
Even if the system administrator takes a variety of security measures, he may unfortunately find some new vulnerabilities. Before the vulnerability is fixed, attackers can quickly seize the opport
.
Specific Linux measures to solve the first two problems listed above include network packet protection (firewalling)/filtering (filtering) to protect the integrity of the file system, and additional resources that can be added as needed (for example, using Tivoli®Intelligent Orchestrator; see references for links ).
Linux System Security
Article Title: sybasloud Security "landing" Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
In various operating systems, the popular colors of the past two years are
In various operating systems, the popular colors of the past two years are Linux. More and more mainstream database vendors are porting their products to the Linux operating system platform. Currently, database products on the Linux platform include Oracle for Linux, Sybase ASE for
management.
Of course, the specific services to be canceled cannot be generalized and should be determined based on the actual application situation, but the system administrator must be aware of them, because once the system has security problems, it is important to carry out the investigation and remedy work step by step and methodically.
3. Strict audit: System logon user management
Before entering
Linux7.2), the xinetd is used to manage network services.
Of course, the specific cancellation of which services can not be generalized, need to be based on the actual application of the situation to determine, but the system administrator needs to be aware of, because once the system security problems, it is necessary to do a step, orderly leak check and remedial work, this is more important.
3, Strict Audit
using specific protocols. Unauthorized wireless network Access points (AP, Access Point) must be found. users' Access and control needs to be periodically evaluated. Emails must be scanned for intrusion and password theft detection. The system must be monitored to prevent security risks.
Many organizations believe that security only prevents unauthorized data access. However,
application configuration or error will only return the error to the user's program and its system background program. The security of other user programs and their background programs can still run normally and maintain their security system structure.
To put it simply, no program configuration error can cause the entire system to crash.
Install the SELinux kernel, tool, Program/toolkit, and documen
Work of some content, this is China Mobile group's current Linux machine security compliance standards, find some time to classify it, and check out some information, what each configuration means, not only to know it, but also to know its why. A good memory is inferior to a bad pen.
1. Check FTP configuration-Restrict user FTP loginControl the FTP process default access permissions, when you create a
The so-called system reinforcement is to use manual configuration and related software to improve system security. This article describes how to use the open-source software sudo to control and audit Root permissions to reinforce Linux system security. I. sudo is an open-source sec
must be scanned for intrusion and password theft detection. The system must be monitored to prevent security risks.Many organizations believe that security only prevents unauthorized data access. However, security intelligence should include Intrusion Prevention for everything and any data access threats. This requires audit
reliable so that data can be correctly transmitted without a bit error. On the other hand, data must not be accessed and modified by unauthorized entities without detection. The scope of integrity starts when the user-the final authority-delegates data to the system. Therefore, user errors are not within the integrity scope.For network connections, ensure the integrity regardless of whether the network is secure, for example, encrypted transmission ). During transmission, third parties that can
structure.To put it simply, no program configuration error can cause the entire system to crash.Install the SELinux kernel, tool, Program/toolkit, and documents of SELinux. You can download them on the Linux website for enhanced security. You must have an existing Linux system to compile your new kernel, in this way, you can access the system patch package that
)Break;;N | no)Echo "there don't have authpriv set in/etc/syslog. conf"Echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!! "Continue;;*)Echo "please input yes or no";;EsacElse# Echo "log and audit compliance"Echo "syslog audition follow the rules"Fi#15 ,---------------------------------------------------------------------Echo "# disable linux core dump"Echo "Turn off the system core dump"Echo "#------
system administrator to enhance security. However, it is not possible to completely hide the password file. Normally there will be unlocked password files backed up in the system so that intruders can exploit them. For example, intruders usually look for/etc/shadow directories or similar directories, check whether the password file is backed up.
4. Create your own shell accountAfter two or three key steps, the intruder finally obtained the key pass
This article describes how to use the log subsystem and Its commands in Linux to better protect system security.
The log sub-system in Linux is very important for system security. It records various daily events of the system, including those users who used or are using the system, logs can be used to check the cause
1. FirewallsA firewall is a part or a series of parts that is restricted between the protected network and the Internet, or between other networks.The Linux Firewall system provides the following features:Access control, which can enforce access control policies based on address (source and destination), user, and time, thereby eliminating unauthorized access while protecting the legitimate access of internal users from being affected.Audit, to record
A reasonable use of the shell History command logging functionUnder Linux, the History command allows you to view all of the user's historical operations records, while the shell command action record is saved by default in the. bash_history file in the user directory, which allows you to query the execution history of the shell command. Help operations personnel to conduct system audits and troubleshooting, while the server has been hacked, you can a
framework. Common7. Default Deny AllFirewalls have two ideas: one is to allow each point of communication, and the other is to deny all access, prompting you for permission. The second kind is better. You should only allow those important communications to enter. Common8. Using Intrusion Detection systemIntrusion detection systems, or IDs, allow you to better manage communication and attacks on your system. Snort is now recognized as the best IDs on Linux
, it cannot be generalized. if you really need some services, try to limit its potential destructive effect on the rest of the system and try to make it run in its own chroot path, separate it from the rest of the file system.
Pay attention to licensing issues
As a user or administrator, you must ensure that no user can execute unnecessary programs or open unnecessary files. Administrators should audit the entire system and minimize the licensing of e
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.