LINUX Security Operations (i)

Source: Internet
Author: User

Linux security is very important! Worsens The meaning of this idiom is:

A lot of firewood in the kitchen of a family, someone pointed out that such a danger, it is easy to catch fire, proposed to improve (bend) flue, remove firewood. But the master did not listen. A day really caught fire, neighborhood came to rescue, the owner of the house was burned, the loss of heavy, prepared a hearty food to entertain neighborhood, but did not ask

Usually do a good defense work, than the fault of the stronger it!

Linux provides a variety of different users and roles, and some users and roles, the system simply does not need, should delete them, because the more accounts, the system is more insecure! Hackers may exploit them to threaten the security of the server.

Write a script, one-time deletion, I have experimented, you can directly copy with.

1. Delete unwanted users:

For i in {adm,lp,sync,shutdown,halt,news,uucp,operator,games,gopher}
Do
Userdel-r $i
echo "Userdel-r $i OK"
Done


2. Delete the unwanted groups:

For n in {adm,lp,news,uucp,games,dip,pppusers,popusers,slipusers}
Do
Groupdel $n
echo "Groupdel $n OK"
Done


Remember, delete the system users or groups, this is not a fixed requirement! According to the purpose of the server to delete!

For example, if the server is for Web applications, then the Apache users and user groups are retained, and if the user database is applied, the Apache users and user groups can be deleted.


Some users only make process calls or user group calls, do not require the login function, then use the following command to prevent it from logging on to the server:

# usermod-s/sbin/nologin Nagios//Prohibit Nagios users from logging on to the server,-S is the shell used to set up the user login

This article is from the "8174069" blog, please be sure to keep this source http://8184069.blog.51cto.com/8174069/1716964

LINUX Security Operations (i)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.