server hardening policy

Requirements:Domain functional Level windowsserver 2008 or moreSteps to deploy granular password policy:1. First create Password Policy object (Adsiedit.msc-load domain partition-System-password Settings container-Right-click New Object2. Set the specific password policy:First "value" = OU policy NameSecond value password Set priority: When a user belongs to mult

Article Title: Linux server security policy details (2 ). Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source. 2. Linux TCP/IP network configuration Linux was designed for the network from the very beginning. It has built-in mature functions that were previously only visible

modeC:\RarFile Compressed FilesE:\BigFile source files waiting to be compressedFor more help, you can open winrar and watch it help.You can periodically compress some file birds by writing the above batch command to a batch file and then running the batch file periodically with a scheduled task. For example, in the dead of night, the machine automatically compresses huge database backup files.This article is from "Ghost" blog, please make sure to keep this source http://fangwei009.blog.51cto.co

Tags: mysql5.7PrincipleHttp://www.tuicool.com/articles/N7fueaBulk ScriptMysql-uroot-p ' xx '-e "select User,host from Mysql.user;" >/root/user.txt sed-i ' 1d ' user.txt #sed-i ' s/[[]*/@/g ' user.txt sed-i ' s/\s\+/@/g ' User.txt cat alter.sh #!/bin/bash for i in ' cat user.txt ' do name= ' echo $i |awk-f ' @ ' {print $} ' ip= ' echo $i |a Wk-f ' @ ' {print $} ' st= ' ALTER USER ' "$name" ' @ ' "$ip" ' PASSWORD EXPIRE never; echo $st done select user,host,password_last_changed,password_lifetime,

Objective In the last two articles, "Proficient in Windows Server 2008 Multi-meta password policy ADSIEdit" and "proficient in the Windows Server 2008 Multi-meta password Policy ldifde" I have introduced how to use ADSIEdit tools, Active Directory user and computer snap-in and LDIFDE command line tools Create, Manage

the network, and there is no rule between legal or unauthorized server first response. In this way, the network is completely disrupted. machines that can normally access the Internet can no longer connect to the Internet. Ii. Defense Policy: 1. Negative prevention: Since the broadcast packet is sent to all the devices in the network, there is no rule between legal or unauthorized

\winrar.exe "a- as -R-EP1-Ibck-DF "\ \192.168.1.1\DataBase\person\person_.rar "-M3-Agyyyymmddhhmmss "D:\DataBase\person\p*"Rem del/Q/F "d:\DataBase\person\p*") rem timeout/T%T% /NobreakremGoto: Start---picture explanationSummaryIf the backup space is sufficient and does not require such trouble, the second method is more stressful for the server and has a long migration time, which is not recommended.If the article is helpful to everyone, I hope you c

Two ways to close an event tracker: First method: Normal system version (Group Policy)Start-run-enter "Gpedit.msc", open Group Policy Editor, Computer Configuration on the right-admin template-system, double-click Show Shutdown Event Tracker, set to Disabled Second method: RegistryThe client's server installs the English version system, in the Group

Jenkins server disk space management policy Jenkins helps us automate the construction of services while also consuming server disk space. Imagine if there are a large number of projects and the disk space of the Jenkins server is not very large, at intervals, the disk space will be full, resulting in the failure of bu

Course IntroductionSecurity is a commonplace topic in IT industry, which has reflected many security problems in the past few years, and it has become urgent to deal with the problem of information security.Therefore, as operations personnel, it is necessary to understand some of the safe operation and maintenance standards, while the protection of their own responsible business.This course focuses on the security policies of Linux servers.Course Objectives Mastering Linux

Article Title: Linux server security policy details (6 ). Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source. 4.2 daemon 4.2.1 concept of Linux daemon Linux servers need to run many system services during startup. They provide Linux system function interfaces to local and ne

Article Title: Linux server security policy details (11 ). Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source. 6.3 configure a safe Apache server Reasonable network configuration can protect Apache servers from many attacks. 6.3.1

.png-wh_500x0-wm_3 -wmp_4-s_3088011741.png "title=" image 1.png "alt=" Wkiom1fg5nvwkgfvaadgdsmf-vy727.png-wh_50 "/>Description: PSO priority, cannot be set to 0, highest level starting from 1 (1 max). However, the PSO(password setting container) is the highest level directly linked to the user. Four, the update under the strategy, the client landing under the effect of how to see.650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M01/87/C4/wKiom1fg5qywBYrMAABFi7Q1Y0U088.png-wh_500x0-wm_3 -wm

Article Title: Linux server security policy details. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source. Chapter 1 security threats to Linux Network basics and Linux servers 1.1 Linux Network Basics 1.1.1 Linux Network Structure Features [IT expert network exclusive] Linux i

stringtable code snippet: id="ABCDOnly">仅限制驱动器 A、B、C 和 D id="ABConly">仅限制驱动器 A、B 和 C id="ABOnly">仅限制驱动器 A 和 B id="ALLDrives">限制所有驱动器 id="ClassicShell">启用经典外观 id="ClassicShell_Help">此设置允许管理员将特定的 Windows Shell 行为还原到经典外观行为。 Add a sentence in it: id="NotE">限制除E外所有驱动器 Finally, go to 隐藏“我的电脑”中的这些指定的驱动器 and 防止从“我的电脑”访问驱动器 Select Enable Just added * * To restrict all drives except e * *.From for notes (Wiz) Windo

Article Title: Linux server security policy details (5 ). Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source. Chapter 2 Linux network services and xinetd 4.1 Linux Startup Process 4.1.1 Linux Startup Process details 1. From BIOS to Kernel 　　(1) BIOS self-check After the comp

-444553540001} \ VersionIndependentProgID] @ = "Shell. application_nohack "[HKEY_CLASSES_ROOT \ Shell. application_nohack] @ = "Shell Automation Service" [HKEY_CLASSES_ROOT \ Shell. application_nohack \ CLSID] @ = "{13709620-C279-11CE-A49E-444553540001}" [HKEY_CLASSES_ROOT \ Shell. application_nohack \ CurVer] @ = "Shell. application_nohack.1" Old Du comment: WScript. shell and Shell. the application component is an important part of improving permissions during the script intrusion process. the