Introduction to common Linux network security tools (1)

Source: Internet
Author: User

Although various versions of Linux distribution come with a lot of open source free software, there are still a lot of useful tools not defaulted. These are included in their installation CDs, especially some tool kits that can enhance Linux network security. Most of them are open source free software.

Here we will briefly introduce several tools to enhance Linux network security.
1. sudo
Sudo is a program used by the system administrator to allow some users to run some/all system commands as root. An obvious purpose is to enhance the security of the site. If you need to do some daily work as root every day, you often execute some fixed commands that can only be executed as root, so sudo is very suitable for you.
Sudo home page: http://www.courtesan.com/courtesan/products/sudo/
Taking Redhat as an example, the following describes the installation and setting process:
First, you can download the rpmpackage of forRedhatLinux from The sudo homepage.
It is at ftp://ftp.freshmeat.net/pub/rpms/sudo/the latest stable version 1.5.9p4.

Run # rpm-ivhsudo * to install it, and then use/usr/sbin/etc do to edit the/etc/sudoers file.
If the system prompts that you cannot find/usr/bin/vi, but you actually have a vi Program in the directory/bin, you need
Ln-sf/bin/vi/usr/bin/vi: Create a symbolic link for vi under/usr/bin. Note: I encountered this problem on Redhat6.1, but Redhat5.x does not)
In addition, if some other errors occur, you may need to # chmod700/var/run/sudo

The following is an example of my/etc/sudoers file:

Code: [root @ sh-proxy/etc] # moresudoersHost_AliasSERVER = sh-proxy # UseraliasspecificationUser_AliasADMIN = jephe, tome # tables =/etc/halt,/etc/shutdown, /etc/rebootADMINSERVER = SHUTDOWNjepheSERVER =/usr/bin/tail-f/var/log/maillogjepheSERVER =/usr/bin/tail-f/var/log/messages # UserprivilegespecificationrootALL = (ALL) ALL

Since I often need to remotely log on to the server to observe the changes in the emaillog file/var/log/maillog, I added this line to/etc/sudoers, in this way, I do not need to log on as root frequently to complete my daily work, improving the security.


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.