Linux System Security (1)

When studying Linux, you may encounter Linux system problems. Here we will introduce the solution to Linux system problems. Here we will share with you some ideas. Linux System Security lecture

---------------
Outline

* Note:
Teaching content mainly focuses on <> □
The configuration is based on the webpage information.
---------------
Network security level: network, service, system, system security, physical security, geographic defense, access control system, social engineering P2-13, machine room protection, Cabinet, host, power supply, keyboard, screen, boot protection, key, power Button, BIOS.
Boot device: Hard Drive, soft drive, CD,
OS Loader
LILO P8-2
GRUB info grub (reference example 1)
Run level & rc P7-1
System Logon

Login
PAM P1-20
Ls/usr/share/doc/pam-0.75/
Limit more/etc/security/limits. conf
Nologin touch/etc/nologin
Consol vs remote more/etc/securetty
L istfile (Example 2)
Account Management, account names and UID P1-5, group P2-2 ~ P2-7, account password P2-12

Crack/John
Shadow P1-11
Chage info change
Usermod info usermod
Gpasswd info gpasswd

Permission management, ugo & rwx P3-8, archives vs directory x? Trojan and virus root or non-root? SUID & SGID & Sticky Bit P4-2, file vs directory, investigation techniques P4-4, su vs sudo, su missing passwd? Privilege? Sudoers Design info sudoers, file properties P4-8, appand only, read only, file system design, file type P3-2, inode & block P3-6

Http://www.study-area.org/linux/system/linux_fs.htm#fstab
Mount point
Quota http://www.study-area.org/linux/system/linux_fs.htm#fquota
Read only/usr/bin/usr/sbin...
No dev/home, no suid/no sgid, no exec
Secure download, trusted Website rpmfind, sourceforge..., GPG seal *. sign, MD5 checksum info md5sum, software testing, Execution Code, file generation, line/packet generation, source code tracing, intrusion detection, abnormal behavior, redundant connections, incomplete records, file replacement, Case permission change, hidden file, owner change, suid/sgid, Device File

Tools:
Chkrootkit
Http://linux.tnc.edu.tw/techdoc/check-rootkit-by-u-self.htm
Tripwire
Http://www.study-area.org/tips/tripwire.htm
Tiger
Ftp://coast.cs.purdue.edu/pub/tools/unix/TAMU
Log protection, extended attributes chattr + a, root only, and size control logrotate
Http://www.study-area.org/linux/system/linux_conf.htm#log
Authenticity (prevent modification) @ central/printer, Record Analysis
Tools: logcheck, logwatch, data backup, raw backup, system backup vs data backup, complete backup vs differential backup
Http://www.study-area.org/linux/system/linux_conf.htm#backup
Backup Media & storage, backup sample tar, cpio/apio, disaster recovery, risk assessment, fault tolerance level, recovery level, fault tolerance plan/device:, connection:
Redundent connection
Load balance
Cluster
Content: RAIDS, SAN & NAS, Mirror & rsync, patching P14-3
Version Selection
The safest version □ftp://linux.sinica.edu.tw/
Update mirror/APT/rhn
Test

1. For details about commonly used software in Ubuntu 8.10, set and configure 1)
2. About commonly used software in Ubuntu 8.10, configuration 2)
3. Ubuntu Compiz is commonly used as the shortcut key 3)
4. Brief Introduction to "Ubuntu ~" in the Ubuntu Operating System ~"
5. How to install the nvidia official driver perfectly on Fedora 12