CentOS系统安全配置
假设你想要建立一个Linux服务器,而且希望可以长期保护的话,就需求思考安全性能与速度等很多要素。一份准确的linux基本安全配置手册就显得分外主要。目录任务一系统安全配置1.删去系统特殊的的用户帐号2.删去系统特殊的组帐号3.用户密码设置4.修复自动刊出帐号时刻5.限制SHELL命令记录大小6.刊出时删去命令记录7.用下面的命令加需求的用户组和用户帐号8.阻止任何人SU作为ROOT9.修复SSH服务的ROOT登录权限10.关闭系统不使用的服务11.阻止系统响应任何从外部/内部来的PING请求12.修复“/ETC/H/OST.CONF”文件13.不允许从不一样的控制台进行ROOT登入14.阻止CONTROL-ALT-DELETE键盘关闭命令15.用CHATTR命令给下面的文件加上不行更改属性16.给系统服务端口列表文件加锁17.系统文件权限修复18.添加DNS19.H/OSTNAME修复20.SELINUX修复21.关闭IPV622.LINUX调整系统时区/时刻的方法23.设置言语24.TMPWATCH守时清除任务二WEB服务器安全配置1.勤打补丁2.建立一个安全的目录结构3.为APACHE使用专门的用户和用户组4.WEB目录的访问策略5.配置APACHE服务器访问日志6.APACHE服务器的密码保护7.削减CGI和SSI风险8.使用SSL加固APACHE9.APACHE服务器防备DOS攻击CentOS系统安全配置.pdf
本资源由开源阁IT资料站收集。
(If you want to set up a Linux server and want to protect it for a long time, you need to think about many factors such as security performance and speed. An accurate linux basic security configuration manual is particularly important. Directory Task 1 System Security Configuration 1. Delete the special user account of the system 2. Delete the special group account of the system 3. Set the user password Delete the command record 7. Add the required user group and user account with the following command 8. Prevent anyone from SU as ROOT /PING request from internal 12. Fix "/ETC/H/OST.CONF" file 13. Do not allow ROOT login from different console 14. Prevent CONTROL-ALT-DELETE keyboard close command 15. Use CHATTR command to give The following files are added and cannot be changed. 16. Lock the system service port list file 17. Repair system file permissions 18. Add DNS19.H/OSTNAME repair 20. SELINUX repair 23. Set language 24. TMPWATCH punctual cleaning task 2 WEB server security configuration 1. Patch frequently 2. Establish a secure directory structure 3. Use special users and user groups for APACHE 4. WEB directory access policy 5. Configuration APACHE server access log 6. Password protection of APACHE server 7. Reduce CGI and SSI risks 8. Use SSL to harden APACHE 9. APACHE server to prevent DOS attacks
CentOS system security configuration.pdf
This resource is collected by the Open Source Pavilion IT Information Station.)
页:
[1]