Check the system password file and check the file modification date.
[Root @ fedora ~] # Ls-l/etc/passwd
View privileged users in the passwd file
[Root @ fedora ~] # Awk-F: '$3 = 0 {print $1}'/etc/passwd
Check whether there is a blank password account in the system.
Awk-F: 'length ($2) = 0 {print $1} '/etc/shadow
Check the system daemon process
Cat/etc/inetd. conf | grep-v "^ #"
Check network connection and listening port
Netstat-
Netstat-rn
Ifconfig-
View historical records of all users logging on to the local machine under normal conditions
Last
Check the core file in the system
Find/-name core-exec ls-l {}\;
Check System File integrity
Rpm-qf/bin/ls
Rpm-qf/bin/login
Md5sum-B file name
Md5sum-t file name
Check for backdoor
Cat/etc/crontab
Ls/var/spool/cron/
Cat/etc/rc. d/rc. local
Ls/etc/rc. d
Ls/etc/rc3.d
Find/-type f-perm 4000
Related Articles]
- How to customize a Secure Linux System Service Platform
- Linux system security risks and methods for strengthening security management
- Linux security configuration steps