Linux security code

1. Abolish all default accounts and passwords of the system.
2. Do not display company headers, online help, or other information before your legality is verified.
3. Abolish the network services that hackers can attack the system.
4. Use a 6-to 8-digit alphanumeric password.
5. restrict the number of times a user attempts to log on to the system.
6. Record security violations and review security records.
7. Encryption must be performed before important information is transmitted over the Internet.
8. Pay attention to the suggestions made by experts and install the system "patches" they recommend ".
9. Restrict host files that can be accessed without a password.
10. Modify the network configuration file to limit the number of TCP connections from outside to the minimum number of ports. Protocols such as tftp, sunrpc, printer, rlogin, and rexec are not allowed.
11. Use upas instead of sendmail. Sendmail has many known vulnerabilities and is difficult to completely fix.
12. Remove programs that are not critical to the operation and are rarely used.
13. Use chmod to change all system directories to the 711 mode. In this way, attackers will not be able to see what is in them, and users can still execute.
14. If possible, install the disk in read-only mode. In fact, only a few directories need to be read and written.
15. upgrade the system software to the latest version. The old version may have been researched and successfully attacked. The latest version generally includes the remedy for these problems.

Related Articles]

• Linux Security Basics

• LINUX security management 10 key points

• Linux Security Settings Manual