Three questions: Linux operating system security hardening

Source: Internet
Author: User

1. Why is security hardening needed?

The need for security hardening is self-evident. Here I draw an analogy between the operating system and Maslow's hierarchy of needs; if anything in it is inappropriate, please point it out. Like a person, the operating system has its own physiological needs. For a person these are eating, drinking and so on; what are they for an operating system? I personally think they are the configuration of the underlying hardware, the kernel drivers, the basic operating system configuration and powering up the equipment. Once the machine has powered up, read the hardware information, loaded the kernel and started the operating system, the next most important thing is, of course, the security need. Human security needs mainly include personal safety, a stable life and peace of mind. The operating system meets its security needs through reasonable permissions, parameters and firewall configuration, closing unnecessary ports, patching vulnerabilities promptly and other techniques that increase the security of the system. With this in mind I have compiled a short article on Linux hardening, intended only for Linux beginners; I hope it helps. Network security has always been the most important issue on the Internet and its biggest gap, and ensuring the security of Internet users is imperative.

2. What is operating system security hardening?

Operating system security hardening is the set of techniques and programs that make the operating system secure and stable. It can be viewed from inside and outside the operating system. Internally, it means adjusting the operating system configuration and kernel parameters; as in martial arts, if you are strong yourself, others will not dare to bully you. Externally, the operating system can set up a firewall, close unnecessary open ports, enable vulnerability scanning and so on, building a Great Wall against attacks from the external network. Installing operating system and application security patches, security configuration, risk prevention, risk prediction and security planning are all part of operating system security hardening; the security and stability of the business cannot be separated from it.

3. How do you implement security hardening on a Linux operating system?

1st: User Rights Management

Allocate user accounts and user rights sensibly. Give each user the minimum rights that the user's business needs require. Set reasonable permissions on important files so that an inexperienced administrator cannot cause a huge loss by performing the wrong operation. User passwords should be complex and at least 8 characters long. The following commands and configuration files for user rights management and password policy can be changed as appropriate.

Reference commands:

    useradd username
    passwd username
    chmod directory (permissions can be set depending on the situation)
    userdel username
    usermod -L username
    usermod -U username
    groupdel username

Reference configuration files:

    /etc/login.defs
    /etc/pam.d/system-auth
    /etc/pam.d/su
    /etc/ssh/sshd_config
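One way to check the 8-character minimum against /etc/login.defs and /etc/pam.d/system-auth, as an added example that is not part of the original article. The function names, the sample files and the rule that a PAM minlen value is preferred over PASS_MIN_LEN are assumptions of this example, and it does not read /etc/security/pwquality.conf.

```shell
#!/bin/sh
# Added example: audit the minimum password length (constructed sample files).

# minlen=N from a pam_pwquality/pam_cracklib "password" line; empty if absent.
pam_minlen() {
    awk '$1 == "password" && /pam_(pwquality|cracklib)\.so/ {
        for (i = 1; i <= NF; i++)
            if ($i ~ /^minlen=[0-9]+$/) { sub(/^minlen=/, "", $i); print $i; exit }
    }' "$1"
}

# PASS_MIN_LEN from login.defs; commented-out lines are ignored.
login_defs_minlen() {
    awk '$1 == "PASS_MIN_LEN" { print $2; exit }' "$1"
}

# Usage: check_min_length LOGIN_DEFS PAM_FILE [WANTED]; WANTED defaults to 8.
# The PAM value is preferred, login.defs is the fallback (assumption of this example).
check_min_length() {
    want=${3:-8}
    len=$(pam_minlen "$2")
    [ -n "$len" ] || len=$(login_defs_minlen "$1")
    case "$len" in
        ''|*[!0-9]*) echo "FAIL: no usable minimum length configured"; return 1 ;;
    esac
    if [ "$len" -lt "$want" ]; then
        echo "FAIL: minimum length $len is below $want"; return 1
    fi
    echo "OK: minimum length $len"
}

# Constructed samples: a weak configuration beside a corrected one.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf 'PASS_MAX_DAYS 99999\nPASS_MIN_LEN 5\n' > "$demo/login.defs"
cat > "$demo/weak-auth" <<'EOF'
password    requisite     pam_pwquality.so try_first_pass retry=3
password    sufficient    pam_unix.so sha512 shadow use_authtok
EOF
cat > "$demo/hard-auth" <<'EOF'
password    requisite     pam_pwquality.so try_first_pass retry=3 minlen=8
password    sufficient    pam_unix.so sha512 shadow use_authtok
EOF

check_min_length "$demo/login.defs" "$demo/weak-auth" || true
check_min_length "$demo/login.defs" "$demo/hard-auth" || true
```

On a real host, run check_min_length /etc/login.defs /etc/pam.d/system-auth.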

2nd: Log Analysis

Enable logging to record system security events, so that administrators can analyze the log files and handle system failures promptly.

Reference configuration and log files:

    /etc/rsyslog.conf
    /etc/syslog.conf
    /var/log/messages
    /var/log/boot.log
    /var/log/dmesg

3rd: Port management: shutting down unnecessary ports

Reference command: netstat

4th: Daily Inspection

Regularly checking how the operating system is running helps you understand the state of the equipment and discover hidden problems. Reference commands and actions:

    top                             check CPU, memory and swap utilization
    df -h                           check disk space utilization
    w                               system run time and load
    service iptables status         firewall state
    cat /etc/passwd
    cat /etc/shadow                 check for abnormal accounts
    ifconfig
    ethtool XXX                     check the network connection
    dmesg                           system hardware log
    lastlog
    last
    lastb                           check login status
    more /var/log/messages          system log
    who                             currently logged-on users
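The abnormal-account check on /etc/passwd and /etc/shadow can be scripted rather than read by eye. The following is an added example, not part of the original article; the function names, the finding labels, the sample files and the UID limit of 1000 for system accounts are assumptions of this example.

```shell
#!/bin/sh
# Added example: flag abnormal accounts in passwd- and shadow-format files.

# Accounts other than root that hold UID 0 (full root privileges).
extra_uid0() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$1"
}

# Accounts whose shadow password field is empty (login without a password).
empty_password() {
    awk -F: '$2 == "" { print $1 }' "$1"
}

# System accounts (0 < UID < limit) that still have a login shell.
# The limit of 1000 is an assumption; check UID_MIN in /etc/login.defs.
system_shell() {
    awk -F: -v max="${2:-1000}" \
        '$3 > 0 && $3 < max && $7 !~ /(nologin|false)$/ { print $1 }' "$1"
}

# Usage: audit_accounts PASSWD SHADOW; prints one "FINDING account" line per hit.
audit_accounts() {
    extra_uid0 "$1"     | sed 's/^/UID0 /'
    empty_password "$2" | sed 's/^/EMPTY_PASSWORD /'
    system_shell "$1"   | sed 's/^/SYSTEM_SHELL /'
}

# Constructed sample files; the password hashes are placeholders.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
backup:x:0:0:backup:/home/backup:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
ftp:x:14:50:FTP:/var/ftp:/bin/bash
EOF
cat > "$demo_dir/shadow" <<'EOF'
root:$6$constructed$hash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
backup::19000:0:99999:7:::
alice:$6$constructed$hash:19000:0:99999:7:::
ftp:!!:19000:0:99999:7:::
EOF

audit_accounts "$demo_dir/passwd" "$demo_dir/shadow"
```

On a real host, run audit_accounts /etc/passwd /etc/shadow as root. Some distributions ship stock entries such as sync, shutdown and halt that will appear under SYSTEM_SHELL, so review the findings rather than deleting accounts outright.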

