A simple understanding of the system startup process
bios-grub-Kernel (kernel)--initrd-read file-start service-tty terminal-Login (user, password)
(For more information please visit http://blog.chinaunix.net/uid-23069658-id-3142047.html)
Second, strengthen the system account security
1. Account File:
/ETC/PASSWD # #用户信息
/etc/shadow # #用户密码信息
/etc/profile # #系统配置文件, environment variables, etc. information
/home/User/.bash_profile # #用户独有环境配置文件
/etc/rc.local # #用户自定义开机执行操作文件
2. Security Management
1) Follow the above document changes
2) Delete unnecessary users (Userdel–r users)
3) Change of monitoring password and changes of login shall
4) must lock account (passwd–l user), unlock (passwd–u user)
3. Optimize your account password
1) Optimize the account: By modifying the template file by specifying new user information L (/etc/skel/*# #用户配置文件模板, you can define some environment variables;/etc/default/useradd # #创阿金用户的家目录, log in to the Shell template file)
2) Optimize password security:
A: Password usage time: Modify/etc/login.defs for new user
Definition: Established use of chage command to modify password usage time
B: Password optimization: Through the Pam_crack module to set the password complexity requirements, record the number of historical password; Set user lock policy through Pam_tally2
4. Historical order
1) History # #查看历史命令
History–w # #将历史命令写入到文件中
History–c # #清除内存中历史命令
Use history command: Up button,!! Part of the history command
By default: History commands are recorded in the/.bash_history file, only
2) The history command is written to the file when exiting or using "history-w"
3) Custom History command record
Can be defined in the/etc/profile or user directory. Bash_profile
Common Configuration items:
HISTSIZE=100 # #定义记录历史命令的条数, default 1000
Histtimeformat= "%f-%t" # #记录历史命令时间
histftile= "File" # #第一历史命令存放文件, note that the fill virtual has write permission
5. Lock file: chattr, lsattr
Common options: Chatty +i File # #锁定文件,-I interpretation
Chatty +a File # #只允许追加, no need to delete,-a cancel
Linux common system security knowledge and usage