As we all know, network security is a very important topic, and servers are the most critical link in network security. Linux is considered a relatively secure Internet server platform. Because it is an open-source operating system, once a security vulnerability is found in Linux, volunteers from around the world will actively fix it. However, system administrators often do not obtain this information and apply the corrections in a timely manner, which gives hackers an opportunity. Compared with these vulnerabilities in the system itself, however, more security problems are caused by improper configuration and can be prevented by appropriate configuration. The more services a server runs, the more opportunities there are for improper configuration, and the greater the possibility of security problems. This article introduces how to enhance the security of Linux/Unix servers.
I. System security log files
---- Log files in the operating system are important clues for detecting network intrusion. If your system is directly connected to the Internet and you find that many people are trying to Telnet or FTP to it, you can run "# more /var/log/secure | grep refused" to check for attacks against the system and take corresponding countermeasures, such as replacing Telnet/rlogin with SSH.
II. Startup and login security
---- 1. BIOS Security
---- Set the BIOS password and modify the boot sequence to disable system startup from a floppy disk.
---- 2. User Password
---- The user password is a basic starting point for Linux security. Many users choose passwords that are too simple, which opens the door for intruders. In theory, given enough time and resources, there is no user password that cannot be cracked, but a well-chosen password is difficult to crack. A good user password is a string of characters that only the user can easily remember and understand, and it should never be written down anywhere.
---- 3. Default Account
---- All default accounts created by the operating system, and any other unnecessary accounts, should be disabled. This should be done when you install the system for the first time. Linux provides many default accounts, and the more accounts there are, the more vulnerable the system is to attack.
---- You can use the following command to delete an account.
----
---- Or use the following command to delete a group account.
----
---- 4. Password File
---- # chattr +i /etc/passwd
---- # chattr +i /etc/shadow
---- # chattr +i /etc/group
---- # chattr +i /etc/gshadow
---- 5. Disable the Ctrl+Alt+Delete restart command
---- Modify the /etc/inittab file and comment out the line "ca::ctrlaltdel:/sbin/shutdown -t3 -r now". Then reset the permissions on all files in the /etc/rc.d/init.d/ directory by running the following command:
---- # chmod -R 700 /etc/rc.d/init.d/*
---- In this way, only the root user can read, write, or execute all the above script files.
---- 6. Restrict su commands
---- If you do not want anyone to be able to use su to become the root user, you can edit the /etc/pam.d/su file and add the following two lines:
---- auth sufficient /lib/security/pam_rootok.so debug
---- auth required /lib/security/pam_wheel.so group=isd
---- In this case, only users in the isd group can use su as the root user. After that, if you want the user admin to su as the root user, you can run the following command:
----
---- 7. Delete logon information
---- By default, the logon prompt includes the Linux release, kernel version, and server host name. For a machine with high security requirements, this leaks too much information. You can edit /etc/rc.d/rc.local and comment out the following lines, which output the system information.
---- # This will overwrite /etc/issue at every boot. So, make any changes you
---- # want to make to /etc/issue here or you will lose them when you reboot.
---- # echo "" > /etc/issue
---- # echo "$R" > /etc/issue
---- # echo "Kernel $(uname -r) on $a $(uname -m)" > /etc/issue
---- # cp -f /etc/issue /etc/issue.net
---- # echo > /etc/issue
---- Then, perform the following operations:
---- # rm -f /etc/issue
---- # rm -f /etc/issue.net
---- # touch /etc/issue
---- # touch /etc/issue.net
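---- The settings from items 5 to 7 can be checked after they are applied. The script below is an added example, not part of the original article; the function names and the root-directory argument are hypothetical, chosen so the audit can run against a copy of /etc or a constructed test tree as well as the live system.

```shell
#!/bin/sh
# Added example: audit items 5-7 under a root directory ($1).
# Function names and the root argument are hypothetical. Usage: sh audit.sh /

# Item 5: inittab has no active (uncommented) ctrlaltdel entry.
check_ctrlaltdel() {
    [ -f "$1/etc/inittab" ] || return 0
    ! grep -Eq '^[^#]*:ctrlaltdel:' "$1/etc/inittab"
}

# Item 5: init scripts carry no group/other permission bits (mode 700).
check_initd_perms() {
    [ -d "$1/etc/rc.d/init.d" ] || return 0
    loose=$(find "$1/etc/rc.d/init.d" -type f \( -perm -040 -o -perm -020 \
        -o -perm -010 -o -perm -004 -o -perm -002 -o -perm -001 \))
    [ -z "$loose" ]
}

# Item 6: print the group an active "auth required pam_wheel.so" line
# restricts su to. Expects the group= form used in the article.
su_wheel_group() {
    sed -n 's/^[[:space:]]*auth[[:space:]]\{1,\}required[[:space:]].*pam_wheel\.so.*group=\([^[:space:]]*\).*/\1/p' \
        "$1/etc/pam.d/su" 2>/dev/null | head -n 1
}
check_su_wheel() { [ -n "$(su_wheel_group "$1")" ]; }

# Item 7: both banner files exist and are empty, and rc.local has no
# active line that rewrites /etc/issue at boot.
check_banner() {
    for b in "$1/etc/issue" "$1/etc/issue.net"; do
        [ -f "$b" ] && [ ! -s "$b" ] || return 1
    done
    [ -f "$1/etc/rc.d/rc.local" ] || return 0
    ! grep -Eq '^[^#]*>[[:space:]]*/etc/issue' "$1/etc/rc.d/rc.local"
}

# Run every check, print one line per result, return the failure count.
audit_root() {
    fails=0
    for c in check_ctrlaltdel check_initd_perms check_su_wheel check_banner; do
        if "$c" "$1"; then echo "PASS $c"; else echo "FAIL $c"; fails=$((fails + 1)); fi
    done
    return "$fails"
}

if [ "$#" -gt 0 ]; then audit_root "$1"; fi
```

The exit status of audit_root is the number of failed checks, so it can be used directly in a cron job or a configuration-management test.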