Linux security check method-general Linux technology-Linux technology and application information. For details, refer to the following section. Guidance:
Check the system password file and check the file modification date.
[Root @ fedora ~] # Ls-l/etc/passwd
View privileged users in the passwd file
[Root @ fedora ~] # Awk-F: '$3 = 0 {print $1}'/etc/passwd
Check whether there is a blank password account in the system.
Awk-F: 'length ($2) = 0 {print $1} '/etc/shadow
Check the system daemon process
Cat/etc/inetd. conf | grep-v "^ #"
Check network connection and listening port
Netstat? An
Netstat? Rn
Ifconfig? A
View historical records of all users logging on to the local machine under normal conditions
Last
Check the core file in the system
Find/-name core-exec ls-l {}\;
Check System File integrity
Rpm? Qf/bin/ls
Rpm-qf/bin/login
Md5sum? B file name
Md5sum? T file name
Check for backdoor
Cat/etc/crontab
Ls/var/spool/cron/
Cat/etc/rc. d/rc. local
Ls/etc/rc. d
Ls/etc/rc3.d
Find/-type f-perm 4000
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.