Article Title: Approaching Linux Protection to Eliminate Viruses
Popularity has its price. When we were still learning what Linux was, we never imagined that today's Linux systems would become a favourite target for hackers. Compared with Windows systems, Linux systems are stable, cost-effective and, most importantly, relatively secure. As a result Linux has spread like blossom after a spring breeze and is used by all kinds of people. Of course, alongside the rapid growth of open-source software, security problems have multiplied as well.
Because Linux is such popular open-source software, whenever a security vulnerability appears there are always many people who step up to fix it. As the number of problems grows, however, it becomes hard to fix every one in time. Since network threats are generally considered to come mainly from computer viruses and hacker attacks, let us start from those two aspects and give Linux systems more targeted protection.
Reject threats from viruses
Viruses are the first security threat to any system. Although many of the well-known Linux viruses do not really damage the Linux system itself, they can infect neighbouring Windows systems, which then stop working normally.
Currently, anti-virus software for Linux falls into two groups: open-source-based anti-virus software and commercial anti-virus software. The former includes Germany's SEBASTIAN and H+BEDV's AntiVir Linux; the latter includes GeCAD Software's RAV AntiVirus Desktop for Linux v8.
Among these, the most widely used product is AntiVir Linux. The software itself is a command-line tool, so its advanced parameter configuration demands a fairly experienced administrator. Among desktop products, RAV AntiVirus Desktop for Linux v8 is popular.
How to defend against hacker attacks through partitioning when installing the system
Among the common attacks, attacks on security vulnerabilities, of which buffer overflow is the typical example, are the most numerous. Such an attack can let any network user gain control of the host. We must therefore pay attention to partitioning when installing the system.
If data such as log files and e-mail are written to the root partition, a denial-of-service attack that generates huge volumes of logs or spam can fill it and crash the system. We therefore recommend creating a separate partition for /var to hold logs and mail, so that the root partition cannot overflow. It is also best to give special applications, especially those that generate large numbers of logs, their own partitions. In addition, we recommend putting /home on its own partition so that user data cannot fill /, which avoids some malicious attacks aimed at overflowing Linux partitions.
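The following POSIX shell script is an added example, not part of the article: it checks that the directories the text recommends isolating (/var, /home, and /tmp as a further common case) are separate mount points. MOUNTS is a constructed sample in /proc/mounts format; leave the table argument out to read the live table on a real host.

```shell
#!/bin/sh
# Added example (not from the article): check that directories which can be
# filled by logs or user data have their own partitions. MOUNTS is a
# constructed sample in /proc/mounts format.
MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /var ext4 rw,relatime,nosuid,nodev 0 0
/dev/sda3 /home ext4 rw,relatime,nosuid,nodev 0 0
/dev/sda4 /tmp ext4 rw,relatime,nosuid,nodev,noexec 0 0'

# has_own_mount DIR [TABLE]: succeed if DIR is itself a mount point.
# Without TABLE the live /proc/mounts is used.
has_own_mount() {
    dir=$1
    table=${2:-$(cat /proc/mounts)}
    printf '%s\n' "$table" | awk -v d="$dir" '$2 == d { found = 1 } END { exit !found }'
}

# check_layout [TABLE]: report each directory; fail if any still shares /.
check_layout() {
    table=${1:-$(cat /proc/mounts)}
    rc=0
    for d in /var /home /tmp; do
        if has_own_mount "$d" "$table"; then
            echo "OK    $d is a separate partition"
        else
            echo "WARN  $d is on the root partition; files written there can fill /"
            rc=1
        fi
    done
    return $rc
}

check_layout "$MOUNTS"
```

Run it without arguments on a real machine to audit the live layout; a non-zero exit means at least one of the directories still shares the root partition. The nosuid/nodev/noexec options in the sample table are the usual companions of such a split, because a partition that only holds data never needs to run setuid binaries.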
BIOS settings
Set a password in the BIOS and disable booting from a floppy disk. This stops hackers who try to use a dedicated boot disk to get into the system.
User Password
This is an old topic. Whatever the system, user passwords are the most basic starting point for security. In theory any password can be cracked given enough time and resources, but a string of special characters can still help you resist external threats, so why not use one?
Default Account and service
When installing Linux for the first time, delete the accounts that are not used. The more information you expose, the more damage you can suffer.
Linux is a powerful system that offers users many services, but not every service is one you need. The file that controls them is /etc/inetd.conf, which defines the services that /usr/sbin/inetd listens for. You may need only two of them, telnet and ftp; others such as shell, login, exec and talk should be closed unless they are necessary.
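As an added example (not from the article), the POSIX shell script below audits an inetd.conf-style file against an allowlist of the services you actually need and emits a copy with everything else commented out. INETD_CONF is a constructed sample, and the allowlist follows the text's own choice of ftp and telnet; on a system that uses xinetd or systemd socket activation instead of inetd the same review has to be done on those configurations.

```shell
#!/bin/sh
# Added example (not from the article): list enabled inetd services, flag the
# ones not on an allowlist, and print a hardened copy of the file.
# INETD_CONF is a constructed sample in the classic inetd.conf layout.
INETD_CONF='# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
#shell   stream  tcp     nowait  root    /usr/sbin/tcpd  in.rshd
login   stream  tcp     nowait  root    /usr/sbin/tcpd  in.rlogind
talk    dgram   udp     wait    nobody.tty /usr/sbin/tcpd in.talkd
finger  stream  tcp     nowait  nobody  /usr/sbin/tcpd  in.fingerd'

# Services this host is meant to offer (the article keeps only these two).
ALLOWED='ftp telnet'

# enabled_services FILECONTENT: print the service name of every active line.
enabled_services() {
    printf '%s\n' "$1" | awk '!/^[[:space:]]*#/ && NF >= 6 { print $1 }'
}

# unexpected_services FILECONTENT: active services missing from the allowlist.
unexpected_services() {
    for s in $(enabled_services "$1"); do
        case " $ALLOWED " in
            *" $s "*) ;;
            *) echo "$s" ;;
        esac
    done
}

# disable_unneeded FILECONTENT: same file with non-allowlisted services commented out.
# Comments and blank lines pass through untouched.
disable_unneeded() {
    printf '%s\n' "$1" | awk -v allowed=" $ALLOWED " '
        /^[[:space:]]*#/ || NF < 6 { print; next }
        index(allowed, " " $1 " ") { print; next }
        { print "#" $0 }'
}

echo "services to disable:"
unexpected_services "$INETD_CONF"
echo "hardened file:"
disable_unneeded "$INETD_CONF"
```

Apply the output to the real file only after reviewing it, then send inetd a HUP signal so it re-reads the configuration. Keeping the allowlist in a variable makes the intended service set explicit, which is easier to review than a list of commented-out lines.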
Block external Ping requests
Put a command line such as
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
into /etc/rc.d/rc.local; then each time the system starts it will automatically block external ping requests.
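The POSIX shell functions below are an added example, not from the article: they persist the same kernel setting through a sysctl.d drop-in (the modern equivalent of the rc.local line) and verify the live value afterwards. The file name 60-icmp.conf is an arbitrary choice, and the broadcast key is an addition beyond the single setting the text names. File paths are function parameters so the logic can be exercised against temporary files.

```shell
#!/bin/sh
# Added example (not from the article): persist the ICMP echo setting via
# sysctl instead of rc.local, then verify it. Paths are parameters so the
# functions can be tested against scratch files without root.
ICMP_KEYS='net.ipv4.icmp_echo_ignore_all net.ipv4.icmp_echo_ignore_broadcasts'

# sysctl_dropin: print a /etc/sysctl.d drop-in that sets every key to 1.
sysctl_dropin() {
    echo '# Ignore inbound ICMP echo (ping) requests, unicast and broadcast'
    for k in $ICMP_KEYS; do
        echo "$k = 1"
    done
}

# current_value [PROCFILE]: read the live value of one setting.
current_value() {
    cat "${1:-/proc/sys/net/ipv4/icmp_echo_ignore_all}"
}

# apply_icmp_ignore PROCFILE DROPIN: set the runtime value and install the drop-in.
# On a real host (as root):
#   apply_icmp_ignore /proc/sys/net/ipv4/icmp_echo_ignore_all /etc/sysctl.d/60-icmp.conf
#   sysctl --system      # reloads all drop-ins, which also proves the file parses
apply_icmp_ignore() {
    echo 1 > "$1"
    sysctl_dropin > "$2"
}

sysctl_dropin
```

Ignoring all echo requests also hides the host from legitimate monitoring that relies on ping, so on a managed network the usual compromise is to rate-limit ICMP in the firewall rather than drop it entirely; the drop-in above implements the article's stricter choice.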
Enhanced log management
To be fair, the default Linux log management is already quite complete, but its record of system activity does not include ftp connection records. Network administrators can modify /etc/ftpaccess or /etc/inetd.conf to make sure every ftp connection is logged. A detailed understanding of everything the system does helps the network administrator defend against any possible attack.
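Once ftp connections are logged (with wu-ftpd this is the "log commands" and "log transfers" directives in /etc/ftpaccess), the records are only useful if someone reads them. The POSIX shell script below is an added example, not from the article: it counts failed ftp logins per source address and flags sources over a threshold. LOG is a constructed sample in a wu-ftpd-like syslog style; the exact wording varies by daemon, so adjust the match pattern to what your ftpd actually writes.

```shell
#!/bin/sh
# Added example (not from the article): summarise failed FTP logins per
# source address from syslog lines. LOG is a constructed sample; the message
# text approximates wu-ftpd's style and must be matched to your daemon.
LOG='Jul  1 10:00:01 srv ftpd[2301]: FTP LOGIN FROM 192.0.2.10 [192.0.2.10], alice
Jul  1 10:00:05 srv ftpd[2302]: FTP LOGIN FAILED FROM 198.51.100.7 [198.51.100.7], root
Jul  1 10:00:06 srv ftpd[2303]: FTP LOGIN FAILED FROM 198.51.100.7 [198.51.100.7], admin
Jul  1 10:00:07 srv ftpd[2304]: FTP LOGIN FAILED FROM 198.51.100.7 [198.51.100.7], test
Jul  1 10:01:00 srv ftpd[2305]: FTP LOGIN FAILED FROM 203.0.113.4 [203.0.113.4], bob'

# failed_logins_by_ip LOGTEXT: print "count ip" per source, most failures first.
failed_logins_by_ip() {
    printf '%s\n' "$1" | awk '/FTP LOGIN FAILED FROM/ {
        for (i = 1; i <= NF; i++) if ($i == "FROM") { ip = $(i + 1) }
        n[ip]++
    } END { for (ip in n) print n[ip], ip }' | sort -rn
}

# suspicious_sources LOGTEXT THRESHOLD: addresses with at least THRESHOLD failures.
suspicious_sources() {
    failed_logins_by_ip "$1" | awk -v t="$2" '$1 >= t { print $2 }'
}

echo "failed logins by source:"
failed_logins_by_ip "$LOG"
echo "sources with 3 or more failures:"
suspicious_sources "$LOG" 3
```

On a real host feed it the relevant syslog file, for example suspicious_sources "$(grep ftpd /var/log/messages)" 5. A burst of failures against several different account names from one address, as in the sample, is the pattern worth alerting on rather than a single mistyped password.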
Telnet Service
You can use Telnet to log on to Linux remotely. However, the operating system and version information are easily exposed during a Telnet login. You can modify the Telnet command so that the login runs without displaying system information, which avoids giving attackers a target to aim at.
For network administrators, the simplest and most effective way to protect the system is to download the latest security patches from the system vendor (even though the discovery behind these patches is often credited to hackers, who may have found the vulnerabilities first).
Build good security awareness, start with the simplest security settings, and make sensible use of security tools; all of this seems simple for a Linux administrator. But protecting Linux has to start from such simple steps.
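Rather than patching the Telnet program, the usual way to stop the pre-login banner from revealing the system is to remove the getty escape sequences from /etc/issue and /etc/issue.net, which expand to the OS name (\s), kernel release (\r), architecture (\m), version (\v), hostname (\n) and domain (\o). The POSIX shell script below is an added example, not from the article; it assumes a netkit-style telnetd that prints /etc/issue.net before the login prompt, and ISSUE is a constructed banner.

```shell
#!/bin/sh
# Added example (not from the article): detect and strip the getty escapes in
# /etc/issue and /etc/issue.net that reveal system details to a remote client.
# ISSUE is a constructed banner; on a real host pass "$(cat /etc/issue.net)".
ISSUE='Welcome to \s \r (\m) on \n
login: '

# issue_leaks TEXT: succeed if TEXT contains an escape that reveals system details.
issue_leaks() {
    printf '%s\n' "$1" | grep -Eq '\\[srmvno]'
}

# scrub_issue TEXT: print TEXT with those escapes removed.
scrub_issue() {
    printf '%s\n' "$1" | sed 's/\\[srmvno]//g'
}

# safe_banner: a replacement banner that reveals nothing about the host.
safe_banner() {
    echo 'Authorized access only. All activity is logged.'
}

if issue_leaks "$ISSUE"; then
    echo "banner leaks system information; scrubbed version:"
    scrub_issue "$ISSUE"
    echo "suggested replacement:"
    safe_banner
fi
```

Scrubbing the escapes leaves a rather bare banner, so in practice you would write safe_banner's text to /etc/issue.net outright. The same check applies to /etc/issue for console logins, and it does nothing about the far bigger problem with Telnet, namely that passwords cross the network in clear text.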