Read about linux security best practices, The latest news, videos, and discussion topics about linux security best practices from alibabacloud.com
Enterprise Linux security System protection is divided into four steps:1, file system security maintenance;2, process security protection;3, user security management;4, log security statistics;1. File system security:Setgit and se
Security O M: Linux system account and logon Security 1. reasonably use the Shell history Command record Function In Linux, you can use the history command to view all the user's historical operation records, and the shell command operation records are stored in the user directory by default. in the bash_history file
browser, the result of Figure 3-2 appears.6. Restore the security context of the index.html to its default value through the Restorecon command.7. Access to the index.html file via a browser, as shown in result 3-3, as in the third step, the policy in SELinux granted the appropriate Read permission through the Allow command, so the access was successful.For the above procedures used in the command, such as Echo, Sesearch, Chcon, etc., see the Man man
Http://edu.51cto.com/course/course_id-2199.htmlCourse ObjectivesFrom the perspective of "security", this paper introduces the Common Security optimization measures of red Hat Enterprise Linux Server System, the SELinux principle and application, port and vulnerability scanning, iptables firewall and other network security
As a system administrator, it is very important to perform a comprehensive security check on the system on a regular basis. Recently, some friends wrote that some inexplicable problems have occurred, for example, the biggest problem is that the network service is obviously slow, which is very likely to be attacked. Practice has proved that the default installation is not safe for any system. In fact, no matter whether you use windows,
Microsoft recently said it would fix Windows security vulnerabilities to reduce new network-based security risks. However, security researchers said Linux/Mac OS Operating systems may have the same security risks. Nathan McFeters, one of the
as: Intruders often look for/Etc/shadow directories or similar directories to see if they can find a backup of their password files. Four, build their own shell account After two or three two critical steps the intruder finally got the key password file and cracked the password. Now you can run the Telnet program and log on to the host. When you connect to the server, the server displays some of its information to you, typically U NIX, Linux, Aix, I
User account is the computer users of the credentials or identification, every person to access the system resources, must rely on his user account to enter the computer. In the Linux system, there are many mechanisms to ensure the proper and safe use of user accounts. It is the first step to ensure the security of Linux system that the user account is properly p
read-only file, and the modification finishes saving to use "wq!" when exiting Command.If you want Zhangsan to execute only part of the command, you can specify the file path of the command that Zhangsan can execute in/etc/sudoers, and the file path of the command can be found through the which command.For example: Authorization Zhangsan can only execute useradd and Userdel commands.650) this.width=650; "title=" 1.jpg "alt=" wkiom1rnfr-htdpuaabxn2orjf8416.jpg "src=" http://s3.51cto.com/wyfs02/M
Although Linux and WindowsNT2000 are the same multi-user systems, there are many important differences between them. For many administrators who are used to Windows Although Linux is a multi-user system like Windows NT/2000, there are many important differences between them. For many administrators who are used to Windows, there are many new challenges to ensure the sec
' attribute, it is regarded as the top directory of the directory structure for Orlov block allocation. U Files can be deleted in reverse mode. The opposite is S! X (suppressing underlying access) Mark direct access to files Z (Suppress dirty files) Mark dirty files Lsattr Chattr User: Useradd Usermod Usedel Passwd Adduser Deluser Pwck Pwconv Pwuncov ID Whoami Who am I Who Finger Chfn CHSH /E
Although Linux is a multi-user system like Windows NT/2000, there are many important differences between them. For many administrators who are used to Windows, there are many new challenges to ensure the security and reliability of the Linux operating system. This article focuses on Linux system
definitely forget to delete it once completed, in this way, you will expose potential personal privacy and other sensitive security data to the listener. Especially when you place the storage device and the notebook in the same package. Select the zero-knowledge backup tool for remote backup Remote Backup is also very important. You can either ask the boss to provide the space for remote storage, or find cloud providers to provide corresponding servi
Monitoring IntroductionMonitor cacti (RRDtool) drawing monitors network device traffic to show historical data functionsNagios Monitoring Service Status disk memory does not record data at a glance you can write your own scriptZabbixCacti installationRPM-IVH http://www.lishiming.net/data/attachment/forum/epel-release-6-8_32.noarch.rpmYum Install Epel-releaseYum install-y httpd php php-mysql mysql mysql-server mysql-devel php-gd libjpeg libjpeg-devel libpng Libpng-develThis article is from the "s
1. No ping /etc/rc.d/rc.localEcho 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all 2. Permissions control of user and password fileschmod 600/etc/passwdchmod 600/etc/shadowchmod 600/etc/groupchmod 600/etc/gshadow3. Add non-change attributes to the following fileChattr +i/etc/passwdChattr +i/etc/shadowChattr +i/etc/groupChattr +i/etc/gshadow4. Access Control for VSFTPVI Hosts.denyvsftpd:all– first to ban all VSFTP requests.VI Hosts.allowvsftpd:192.168.2.1– again allow the VSFTD request of Intranet5.
Linux has many advantages in function, price or performance, however, as an open operating system, it inevitably has some security problems. about how to solve these hidden dangers, to provide a safe operation platform for the application, this article will tell you some of the most basic, most commonly used, but also the most effective tricks. Linux is a UNIX-li
Linux is a UNIX-like operating system. In theory, there is no significant security flaw in the design of UNIX itself. For years, the vast majority of security problems found on Unix operating systems exist primarily in individual programs, so most UNIX vendors claim to be able to solve these problems and provide a secure UNIX operating system. But
Linux has many advantages in function, price or performance, however, as an open operating system, it inevitably has some security problems. about how to solve these hidden dangers, to provide a safe operation platform for the application, this article will tell you some of the most basic, most commonly used, but also the most effective tricks. Linux is a UNIX-li
private keysSsh-keygen-t RSA (This is the case with test)Enter------------password------Confirm passwordThe first file is a private keyThe second file is a public keyUpload test's private key to Test1.Ssh-copy-idEnter the test1 passwordSuccessfully uploadedSwitch to Test1Cd. SSHLlThe private key of test was foundAt this time we use test to go to the user login test1, need to enter a password, not test1 passwordTurn fromIt Essentials Linux
: Compared to move and copy, replication is more conducive to maintaining SELinux properties, recommended use.4.tar packaged backup with SELinux; special SELinux type:file_t,default_t,user_tmp_tThe default selinux is lost when Tar is packaged, and the SELinux property can be maintained using "--selinux|--xattrs".tar-zcvf/tmp/test-sel.tar.gz/var/www/html/--selinuxSpecial type:file_t: File does not have SELinux attributedefault_t: The SELinux of the file or directory does not match the File-contex
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
