linux security best practices

Author: Xuan soul This series navigation http://www.cnblogs.com/xuanhun/archive/2008/10/25/1319523.html Security Technology Zone http://space.cnblogs.com/group/group_detail.aspx? Gid = 100566 Preface The Web security practice series focuses on the practical research and some programming implementation of the content of hacker exposure-Web Application Security sec

We will discuss the practices of network security equipment, and we should arrange the location of the equipment in actual work. The advantages of such deployment are extremely inadequate. 1. Basic router filter practices 650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/0T412G49-0.png "/> Disadvantages: 1. The servi

Some of the best practices for designing, developing, and deploying Web applications are listed. Some of them are personal experiences and some are obtained through materials, which is relatively simple and can be used as a reference. Well, the premise is that you must first ensure network security and host security, and then consider Web

[Web security practices] XSS Article Points: 1. Understand XSS 2. XSS attacks 3. XSS defense (important)I. Understanding XSS first Let's start with a story. In the previous article, I also want to talk about this case. In fact, what is attack is very simple. Attackers can obtain the information they want. I caught a Tomcat Vulnerability (this is not what I said, but someone I know). I uploaded a JSP file, s

Web security practices (8) attack iis6.0 Through the previous discussion, we have learned how to determine the type of web server. This section continues to discuss web platform vulnerability attacks. The defect mentioned here is the defect of the server itself, not the defect caused by the Administrator's configuration. This defect can only be avoided by upgrading or patching. Of course, for different serv

Chapter 6 security defense practices for iOS apps: files that cannot be destroyed Think of a common file system as a big notebook. When a file is deleted, many people think that this page is completely hacked with the trigger, just like the confidential document about Area 51. But in fact, what happened behind this operation is more like drawing a huge X on this page with a very small red pen. The file is m

DM is now one of the essential services required by domestic operators. The DM service operator can understand the user terminal situation and data usage, and the customer service mode has changed. The terminal manufacturer can reduce the after-sales cost and configure parameters and upgrade the subsequent versions more conveniently. China Mobile calls the DM Service enhanced after-sales service. This series of articles provides best practices for CMC

I. machine architecture supported by MySQL MySQL claims to be the most popular open-source database in the world today. It is released for free and can run on a variety of platforms. This is why hackers are eager for it. Compared with other large databases, the configuration is much easier and easier, and the performance is also mentioned. Although its usage is relatively simple, there is still a lot of work to do in terms of security configuration, w

PHP security practices that system administrators must know

HTTP://WWW.IBM.COM/DEVELOPERWORKS/CN/LINUX/L-LSM/PART1/1. Related background: Why and whatIn recent years, Linux system has been widely concerned and applied by computer industry because of its excellent performance and stability, the flexibility and expansibility of open Source feature, and the lower cost. But in terms of security, the

Linux driver development focuses on content-from "embedded Linux driver template overview and project practices", embedded driver development This article is excerpted from my lecture on Embedded Linux driver templates and project practices. Initially, it seems that the deve

commands operate as follows: See if the host has a br0 bridge and it does not exist; Add a NIC named Eth1 to the test01 and configure the IP172.18.18.36/24; If there is already a default route in test01, delete it and set 172.18.18.1 as the default route L Connect the test01 container to the br0 on the previously created bridge; This process is similar to the previous process of using IP command configuration, pipework is actually code written in Shell.Pipework in fact

once the computer's key has changed, refused to connect.Identityfile: Sets the file from which to read the user's RSA Security authentication identity.PORT: Set the ports to connect to the remote host.Cipher: Set password for encryption?To turn services on or off using the command service * * Start/stopQuerying Linux virtual machine IP using ifconfigThe IP input putty, and then enter the password, display

1. Basic security measures1.1 System Account CleanupIn the Linux system, in addition to the user manually created, but also included in the system or program during the installation process of a large number of other users, in addition to Superuser root, a large number of other accounts just to maintain the system operation, start or maintain the service process, generally not allowed to log in, and therefo

Linux Kernel compilation practices-general Linux technology-Linux programming and kernel information. The following is a detailed description. I recently read several articles on Linux kernel compilation on the Internet. I have read a few articles about this. I encountered m

display= native ip:0.0 (0.0 means display number for xming is 0, and if display # is set to a different value it needs to be consistent) Enter a command in putty to open the appropriate program, such as Firefox, Gedit Appendix Reference 7 operating levels for Linux systems: http://blog.chinaunix.net/uid-22746363-id-383989.html View and add path environment variables under Linux