Linux Server Security Policy

Source: Internet
Author: User
Tags system log

1 Server general Security Policy:

1) It is best to use a hardware firewall, iptables input chain default policy is drop, open the necessary ports.

2) password is absolutely safe, more than 24 people

3) Take key login, prevent brute force hack, prohibit root login, normal user + key authentication +ip limit + user limit

4) Periodic analysis of the system's log files, such as Last,lastlog,

5) regularly use grep error/var/log/messages to check the server for hardware corruption

6) Stop unnecessary services and harden the kernel.


2 The general processing process after the server has been compromised:

1) cut off the network;

2) Find the source of the attack: Analyze system log files and log files, (such as suspicious users, interrupt their remote connection)

Such as:

[Email protected] ~]# tail-f/var/log/messages

[Email protected] ~]# Lastlog

[Email protected] ~]# LASTB #查看失败的登陆记录

[Email protected] ~]# tail-f/var/log/secure #查看用户相关的安全日志

3) Analysis of the causes and ways of intrusion;

The reasons for the intrusion are manifold, either a system vulnerability or a program vulnerability, which requires finding an attack source and a way to remove and fix the vulnerability.

4) backup data;

5) Re-install the system (according to the actual situation, such as the provision of online services is obviously not practicable)

6) Hotfix or system vulnerability

7) Recovery of data and networks;



This article from "10,000 years too long, seize" blog, please be sure to keep this source http://zengwj1949.blog.51cto.com/10747365/1927942

Linux Server Security Policy

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.