linux security audit checklist

/nessus-adduser, you will be prompted to add the appropriate password, the password you set yourself.Step 7: Finally, open the browser and enter https://ip:8834 8834 as the port number for the Nessus service. If you are not sure that the service is started after you start the service, you can ps-aux |grep NESSUSD to viewAfter you open the browser, enter your username and password to scan!Ubuntu under Nessus installation useNessus Relatively speaking, is a very powerful

attachPerform the Su-operation again, Tom can switch to the root user4. Example two: Prohibit Tom from landing in Tty2# Vim/etc/pam.d/login Join the following lineAccountrequiredpam_access.so# vim/etc/security/access.conf Tail increment, cannot append in last line-: Tom:tty2//-means to cancel5. Example three: Only Tom users are allowed to open two filesView/etc/pam.d/system-auth included inSessionrequiredpam_limits.so tail Add# vim/etc/

Remote Log Management:s:192.168.10.115c:192.168.10.431.s,c End Mount RsyslogYum-y Install Rsyslog2. Modify the S-side configuration to monitor 514 ports and provide remote log storage.vi/etc/rsyslog.conf # #去掉13, 14,17,18 's Notes# provides UDP syslog reception$ModLoad IMUDP$UDPServerRun 51415# provides TCP syslog reception$ModLoad imtcp$InputTCPServerRun 514: Wq[Email protected] ~]# vi/etc/rsyslog.d/remote.conf # #新建: Fromhost,isequal, "192.168.10.43"/var/log/remote_10.43.log # #指定客户端日志存放位置: Fr

For many people, migrating to Linux is a pleasure. For others, it was a nightmare. Especially for some administrators who just stepped into Linux management, if you don't avoid some common mistakes, it's easy to pose a security risk to your organization's network or system. This article will provide some advice to help these novices avoid these mistakes. Error O

SELinuxChapter ContentSELinux概念 启用SELinux 管理文件安全标签 管理端口标签 管理SELinux布尔值开关 管理日志 查看SELinux帮助 SELinux Introduction SELinux: Secure Enhanced Linux， 是美国国家安全局(NSA=The NationalSecurity Agency)和SCC(Secure Computing Corporation)开发的 Linux的一个强制访问控制的安全模块。2000年以GNU GPL发布，Linux内核2.6版本后集成在内核中DAC：Discretionary Access Control自由访问控制MAC：Mandatory Access Control 强制访问控制?

Linux Kernel real-time Intrusion Detection security enhancement-introduction-general Linux technology-Linux programming and kernel information. The following is a detailed description. I. Introduction Ice cubes It is now recognized that there is no absolute method or absolutely secure system in the world to prevent ha

fuck.Why is there a lack of safety knowledge?First of all, with setuid to a graphical network program to the overall right to root is a self-feeding loophole, the whole body is a hole, as long as the discovery of a, is the remote root.Second, the user interface will never need root, the right to take specific actions specific configuration has Polkit, update system configuration file can have Facl can have selinux/apparmor, kernel-level file scanning can have AUDITD, These mechanisms do not req

system-related account security, is not an unknown IP address attempt to use the root user login system.Linux system forces the user to kick out of the loginLinux system root user can force other logged-on users to kick off1. w command to view logged in user information#w16:15:11up210days,12:17,2users,loadaverage :0.13,0.15,0.10usertty from[email protected]idlejcpupcpu WHATliu pts/1ipaddress16:14 0.00s0.04s 0.03ssshd:liu[priv]fmd001_cpts/2 IPADDRESS1