Ten errors that Linux administrators can easily make

Migration to Linux is a pleasure for many people. For others, this is a nightmare. Especially for some administrators who have just entered the Linux management gate, if some common errors are not avoided, it is easy to bring security risks to the network or system of the Organization. This article provides some suggestions to help these beginners avoid these errors.

　　Error 1: download and install various types of applications from multiple channels without strict review

At first glance, this may be a good idea. If you are running Ubuntu, you will know that the package management program uses the. Deb software package. However, many of the applications you find are source
Provided in the form of code. No problem? These programs may work properly after installation. But why can't you install programs at will? The principle is very simple. If you install a program in the form of a source, then your
The software package management system will not be able to track what you have installed. Therefore, Package A (installed as a source) depends on Package B (installed from A. Deb Library), while Package B is updated from the update manager.
What will happen? Package A may or may not run. However, if both Package A and Package B are installed from the. Deb library, the chances of both packages running will be higher. In addition, in all
When all the packages are from the same binary type, it is easier to update the package.

　　Error 2: Ignore updates

This does not mean that Linux administrators lack skills. However, after running Linux, many Linux administrators think there will be nothing to do in the future and think it is safe and reliable. In fact, the new
Updates can patch new vulnerabilities. Maintaining updates builds a watershed between a vulnerable system and a secure system. Linux security comes from constant maintenance. To achieve security,
To use new features and stability, any administrator should keep up with the pace of Linux updates.

　　Error 3: Bad Password

Remember, the root password is usually critical to the Linux kingdom. So why is the root password so easy to crack? It is essential to ensure the robustness of your user passwords. If your password is long and hard to remember, you can store it in an encrypted location. You can use the decryption software to unlock the password when you need it.

　　Error 4: Start the server to X

When a machine is a dedicated server, you may want to install x, so that some management tasks will be simpler. However, this does not mean that the user needs to start the server into X. This will waste
Precious memory and CPU resources. On the contrary, you should stop the Startup Process on level 3 and enter the command line mode. This will not only leave all resources to the server, but also prevent the leakage of machine secrets. Yes
Log on to X. You only need to log on as a command line, and then type startx to enter the desktop.

　　Error 5: Allow at will because you do not understand the permission

If the permission is improperly configured, hackers will be given a chance. The simplest way to handle licensing problems is to use the so-called RWE method, namely, read, write, and execute ). Suppose you want a user to read a file but not write it into it. To do this, you can execute:

Chmod U + W, U-Rx file name

Some new users may see an error saying they do not have permission to use files, so they use: chmod 777
File name to avoid problems. But this will actually cause more problems, because it gives the executable permissions of the file. Keep this in mind: 777 permission to read, write, and execute a file
For all users, 666 granted the read and write permissions for a file to all users, while 555 granted the read and execute permissions for the file to all users, there are also 444, 333, 222, 111, and so on.

　Error 6: No key configuration files are backed up.

Many administrators have this experience. After upgrading to an X version, such as X11, they find that the new version destroys your Xorg. conf configuration file, so that you can no longer use X?
We recommend that you back up the previous/etc/X11/Xorg. conf file before upgrading X to avoid the upgrade failure. Of course, the Upgrade Program of X will try to back up Xorg. conf for the user.
File, but it is backed up in the/etc/X11 directory. Even if this backup looks good, you 'd better make a backup yourself. One of my habits is to back up it to the/root directory. In this way,
The user can know that only the root user can access this file. Remember, security first. This method also applies to other key backups, such as samba, Apache, and MySQL.

　　Error 7: Log On As the root user

This is a very dangerous mistake. If you need root privileges to execute or configure an application, you can use Su to switch to the root user in a standard user account. Log on to the root user
Why is it not a good thing? When a user logs on as a standard user, all running X applications still have access to this user only. If the user logs on as the root user, X has
Root permission. This will lead to two problems. 1. If the user makes a big mistake by the GUI, this error may be a huge disaster for the system. 2. Run X as the root user to make the system
System is more vulnerable to attacks.