NFS Services
The Network File System is the basis for file sharing access in the Unix world. If you want to prevent users from sharing directories arbitrarily, you can increase the NFS limit, such as locking the /etc/exports file and defining the shared directory in advance. If you do not want users to share, only restrict user access, you need to modify the NFS startup script. Edit the /etc/init.d/nfs file, find the daemon line and comment it out. /etc/init.d/nfs # daemon rpc.nfsd $RPCNFSDCOUNT
Many configuration files and commands in the system are very sensitive. Modifying permissions and adding read-only properties can avoid security problems to some extent. Chmod 700 /bin/rpm #NFS shared directory configuration file chmod 600 /etc/exports #Host access control file chmod 600 /etc/hosts.* chmod R 751 /var/log chmod 644 /var/log/messages #System log configuration File chmod 640 /etc/syslog.conf chmod 660 /var/log/wtmp chmod 640 /var/log/lastlog chmod 600 /etc/ftpusers #user password file chmod 644 /etc/passwd chmod 600 /etc/shadow #check Module configuration file directory chmod R 750 /etc/pam.d chmod 600 /etc/lilo.conf #terminal configuration file chmod 600 /etc/securetty chmod 400 /etc/shutdown.allow #system access security configuration file chmod 700 /etc/Security #network system configuration file chmod R 751 /etc/sysconfig #hyper daemon configuration file chmod 600 /etc/xinetd.conf chmod 600 /etc/inetd.conf chmod R 750 /etc/rc.d/init.d/chmod 750 /etc/rc.d/init.d/* #autorun program control file chmod 600 /etc/crontab chmod 400 /etc/cron.* #SSH configuration file chmod 750 /etc/ssh #kernel control configuration file chmod 400 /etc/sysctl.confg chattr +I /etc/services chattr +I /etc/group chattr +I /etc/gsha Dow chattr +I /etc/hosts.* chattr +I /etc/xinetd.conf chattr +I /etc/exports chattr +I /bin/login chattr +a /var/log/message
Follow Log
First use the log server. It is a good idea to save a copy of the client's log information. Create a server to store the log files. You can check the logs to find the problem. Modify the /etc/sysconfig/syslog file to accept remote logging. /etc/sysconfig/syslog SYSLOGD_OPTIONS="-m r 0"
You should also set the log remote save. Modify the /etc/syslog.conf file to the log server settings, and syslog will save the copy on the log server. /etc/syslog.conf *.* @log_server_IP
A color log filter can be used. Color log loco filter, the current version is 0.32. Use loco /var/log/messages
without splitting the hard disk Installing Linux is a bit scary for novices: partitions and some ma
CentOS modify IP address First turn off the firewall: service iptables stop# ifconfig eth0 192.168.1
1. Restart the server2. At the beginning of the boot, enter the boot interface (as shown below) and
If you are a Linux user, you may have heard that you dont need to defrag your Linux files system. Yo
NetWare Client Easy Installation Instructions for Linux
Unexpected administrator Linux management integration security
Linux system backup strategy discussion
Arm linux boot process into the kernel
The number and string comparison operation commands under the shell
AMD says non-Android/Linux/Win systems are meaningless
Haproxy Installation Configuration Tuning Basics Tutorial
Debian installation chrome scim
CentOS install Apache+PHP+MySQL guide
P2v migration linux server under xenserver