Linux common system security knowledge and usage

Source: Internet
Author: User
Tags: account security

First, a simple understanding of the system startup process
BIOS -> GRUB -> kernel -> initrd -> read files -> start services -> tty terminal -> login (user, password)
(For more information please visit http://blog.chinaunix.net/uid-23069658-id-3142047.html)

Second, strengthen the system account security
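1. Account files:
/etc/passwd ## user information
/etc/shadow ## user password information
/etc/profile ## system configuration file: environment variables and similar information
/home/User/.bash_profile ## per-user environment configuration file
/etc/rc.local ## user-defined file of operations to run at boot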

2. Security management
1) Watch for changes to the files listed above
2) Delete unnecessary users (userdel -r user)
3) Monitor changes to passwords and changes to login shells
4) Lock accounts that must be locked (passwd -l user); unlock them with (passwd -u user)

3. Optimize accounts and passwords
1) Optimize the account: set the information given to new users by modifying the template files (/etc/skel/* ## user configuration file templates, where you can define some environment variables; /etc/default/useradd ## template file for a newly created user's home directory and login shell)
2) Optimize password security:
A: Password lifetime: modify /etc/login.defs to define it for new users; for users that already exist, use the chage command to modify the password lifetime
B: Password hardening: use the pam_cracklib module to set password complexity requirements and record the number of historical passwords; set the user lockout policy through pam_tally2
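
The checks from sections 2 and 3 can be run as a read-only audit over the account files. The script below is an added example, not part of the original article: the function name audit_accounts, the 90-day limit and the sample entries are constructed for illustration. It assumes the standard passwd/shadow field layout, where passwd -l marks a locked account by prefixing the hash with "!" and the fifth shadow field holds the maximum password age that chage sets.

```shell
#!/bin/sh
# Added example: audit login accounts from passwd- and shadow-format files.
# passwd: name:pw:uid:gid:gecos:home:shell
# shadow: name:hash:lastchg:min:max:warn:inactive:expire
audit_accounts() {   # usage: audit_accounts PASSWD SHADOW [MAX_DAYS]
    awk -F: -v limit="${3:-90}" '
        NR == FNR { hash[$1] = $2; maxage[$1] = $5; next }   # shadow file
        {                                                    # passwd file
            user = $1
            login = ($7 !~ /(nologin|false)$/)               # has a login shell
            if ($3 == 0 && user != "root") print user ":uid0"
            if (!login) next
            if (!(user in hash)) { print user ":no-shadow-entry"; next }
            h = hash[user]
            if (h == "") print user ":empty-password"
            else if (h ~ /^!/) print user ":locked"          # as set by passwd -l
            if (maxage[user] == "" || maxage[user] + 0 > limit + 0)
                print user ":max-age-over-" limit            # fix with chage -M
        }
    ' "$2" "$1"
}

# Constructed sample data (not real accounts or real hashes).
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
toor:x:0:0::/root:/bin/sh
carol:x:1002:1002::/home/carol:/bin/bash'
SAMPLE_SHADOW='root:$6$constructed$hash:19000:0:90:7:::
daemon:*:19000:0:99999:7:::
alice:$6$constructed$hash:19000:0:90:7:::
bob:!$6$constructed$hash:19000:0:99999:7:::
toor::19000:0:90:7:::
carol:$6$constructed$hash:19000:0:99999:7:::'

run_sample() (
    d=$(mktemp -d)
    printf '%s\n' "$SAMPLE_PASSWD" > "$d/passwd"
    printf '%s\n' "$SAMPLE_SHADOW" > "$d/shadow"
    audit_accounts "$d/passwd" "$d/shadow" 90
    rm -rf "$d"
)
run_sample
```

On a live system the same function can be pointed at /etc/passwd and /etc/shadow as root; comparing its output between runs shows new UID 0 accounts, unlocked accounts and lifetime changes.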

4. Command history
1) history ## view history commands
history -w ## write history commands to the file
history -c ## clear history commands held in memory
Reusing history commands: the Up key, !!, or ! followed by part of a history command
By default, history commands are recorded in the ~/.bash_history file, only
2) History commands are written to the file when exiting or when using "history -w"
3) Customize how history commands are recorded
This can be defined in /etc/profile or in .bash_profile in the user's home directory
Common configuration items:
HISTSIZE=100 ## number of history commands to record, default 1000
HISTTIMEFORMAT="%F-%T" ## record the time of each history command
HISTFILE="File" ## define the file where history commands are stored; note that the file needs write permission

5. Lock files: chattr, lsattr
Common options: chattr +i File ## lock the file; -i removes the lock
chattr +a File ## only appending is allowed, deletion is not; -a cancels
