/aclist. ini", "");For ($ I = 0; $ I
{If ($ Accounts [$ I]! = ""){If (eregi ("^ [a-z] {1} [a-z] {} $", substr ($ Accounts [$ I )))$ Temp = $ temp. $ Accounts [$ I]. ',';}}@ Fwrite ($ fp, $ temp );@ Fclose ($ fp );} Exit;}
} // End class
$ AccDel = new Account_Del;$ AccDel-> DelAcc ();?>
======= The information of the aclist. ini file = the end time of the User Name Creation Time ===
Root , bin , daemon , adm , lp , sync , shutdown , halt , mail , news , uucp , operator , games , gopher , ftp ,
Linux System Security Settings Shell script
This script has been widely used in a large media website system and added some security settings that were not previously imagined. Copy it and save it as a Shell file, such as security. sh. upload it to the Linux server. Execute sh security. sh to use this script!
Note: The script is for reference only. We recommend that you modify it based on your actual needs. Do not use it blindly!
#!/bin/sh
# desc: setup linux system security
# author:coralz
, including hidden directoriesExample:[Email protected]/]#.app/dev/lib64/mnt/root/sys/bin/etc/lost+found/net/sbin/tmp/boot/home/media/opt/selinux/usr/. dbus/lib/misc/proc/srv/var/2Tab current directory subdirectories, excluding hidden directoriesExample:[Email protected]/]#App etc lost+found Net Sbin tmpBin home media opt SELinux usrBoot lib misc proc srv varDev lib64 mnt Root sys~2tab List of all usersExample:[Email protected]/]# ~~abrt/~games/~nobody/~saslauth~adm ~gdm/~ntp/~shutdown/~apache/~
successful logon events and the last unsuccessful logon events, which are generated by login. This file is a binary file and needs to be viewed using the lastlog command. The username, port number, and last logon time are displayed according to the UID sorting. If a user has Never logged on, it is displayed as "** Never logged in **". This command can only be executed as root. Simply enter the lastlog command and you will see information similar to Figure 4:
[Root @ TestStation etc] #
logon/var/log/lastlog log file to record the recent logon time of each user. Each user has only one record [html] [root @ bogon ~] # Lastlog Username Port From Latest root: 0 Wed Oct 24 03:02:36-0700 2012 bin ** Never logged in ** daemon ** Never logged in ** adm ** Never logged in ** lp ** Never logged in ** sync ** Never logged in ** shutdown ** Never logged in ** halt ** Never logged in ** mail ** Never logged in ** news ** Never logged in ** uucp ** Never logged in ** operator ** Never logg
char other tty devices 0 =/dev/tty current tty device 1 =/d EV/Console System Console (usually/dev/tty0) 2 =/dev/ptmx all Pty master's mutex 7 char virtual console capturing devices (these devices allow both read and write) 0 =/dev/VCs text content of the current virtual console (VC) 1 =/dev/vcs1tty1... 63 =/dev/vcs63tty63 text content 128 =/dev/vcsa text/attribute content of the current virtual console (VC) 129 =/dev/vcsa1tty1 text/attribute content
writing is as follows, the main purpose is to demonstrate how to handle similar problems. #2. Here, the output of the For Loop is passed to the sort command in the form of a pipe, and the sort command is sorted based on the user. #3. -xargs-N 2 is the focus of this technique. It combines the sort output. The numeric parameter after the-n option will prompt the xargs command to merge the output into one output, and pass it to the subsequent commands. In this example, xargs merges each two rows
pathThree.The du command shows the size of the file taking up disk space-S displays the overall size of sub-files and subdirectories under the entire directory-H to convert unitsDF command to view the use of file system disk partitions-I displays the usage of the inode within the disk partition-H to convert units-p POSIX display, neat not to break the lineFour. device filesFiles in the/dev/directory are device filesCRW-------1 VCSA TTY 7, 3 21:12 VCS
1. The Windows Vcenter environment modifies the following filesC:\ProgramData\VMware\vCenterServer\runtime\VMwareSTSService\webapps\websso\WEB-INF\view\unpentry.jsp2, VCSA Environment Modify the following documents/usr/lib/vmware-sso/vmware-sts/webapps/websso/web-inf/views/unpentry.jsp3. Find the following line of code in the above file and fill in the corresponding values650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/74/AE/wKioL1YmaRzDYjX
A test server in the office opened the Tomcat Administration page with external access enabled, and a weak password was set. These 3 factors at the same time set up, not a few days by uninvited guests put a Trojan horse. The aftermath was not seriously affected, but it also gave me a wake-up call. So the following small security measures.1 , close users that are not availableExecute directly at the command line:# cp/etc/passwd/etc/passwd-$ (date +%f). bak# for I in XFS news nscd Dbus
/mail mail/sbin/nologin x UUCP/VAR/SPOOL/UUCP uucp/sbin/nologin x 0 operator/root Operator/sbin/nol Ogin x games/usr/games games/sbin/nologin x gopher/var/gopher gopher/sbin/nologin x GB FTP user/var/ftp Ftp/sbin/nologin x Nobody/nobody/sbin/nologin x owner/dev vcsa/sbin/nologin x 499 7 6 SASLAUTHD user/var/empty/saslauth saslauth/sbin/nologin x 89/var/spool/postfix postfix/Sbin/nologin x privilege-separated ssh/var/empty/sshd sshd/bin/bash x 500/home
users with super privileges CAT/ETC/PASSWD | grep '/bin/bash ' //List of users with login shell If there are other super users besides Root, then be very careful.1.1 Remove the user and user groups from the systemDelete the user, such as Adm,lp,sync,shutdown,halt,news,uucp,operator,games,gopherDelete a group, such as Adm,lp,news,uucp,games,dip,pppusers,popusers,slipusers1.2 or lock users who do not need to sign insuch as: XFS,NEWS,NSCD,DBUS,VCSA,G
#########################################//The following is an account that the lockout system does not need to logincp/etc/passwd/etc/passwd. ' Date +%f 'zhanghao= "ADM LP mail UUCP operator Games Gopher ftp Nobody nobody4 noaccess listen webservd rpm dbus Avahi mailnull Smmsp NSCD VCSA RPC rpcuser NFS sshd pcap NTP haldaemon distcache apache webalizer squid xfs GDM sabayon named "For en in $zhanghaoDoPasswd-l $zhDoneecho "Lock useless users .......
First, the hardware configuration:ESXI1:CPU (4 cores), memory (12G), hard disk (40G)ESXi2: CPU (2 cores), memory (4G), hard disk (40G)Note: The VCSA will be installed on the ESXI1 with the default minimum memory of 8G.Ii. installation of ESXiLoad the Vmware-vmvisor-installer image and start the installation650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/8E/BA/wKiom1jKLzrRww61AAAcdR0vhoU174.png "title=" esxi1 . PNG "alt=" Wkiom1jklzrrww61aa
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.