Gnu/Linux Security

The LILO configuration file is readable by everyone, so change its permissions to disable that.

chmod 600 /etc/lilo.conf

Now we update our configuration so that the changes take effect after rebooting.

/sbin/lilo -v

This writes the new configuration for the Linux loader after the changes we made to it. We can also make /etc/lilo.conf an immutable file so that normally no one can edit it or add any changes. You can do this by executing:

chattr +i /etc/lilo.conf

Note: When you need to modify this file again, remove the immutable bit first and then make your changes.

Disabling the CTRL+ALT+DEL - 3 finger salute

Edit the /etc/inittab file and find the entry

ca::ctrlaltdel:/sbin/shutdown -t3 -r now

and put a # in front of it, so that the line looks like this

#ca::ctrlaltdel:/sbin/shutdown -t3 -r now

Here # marks the line as a comment. After this you need to execute

/sbin/init q

This makes sure that the system does not reboot when the key combination is pressed. Also set the immutable bit on the /etc/services file like this

chattr +i /etc/services

Edit the /etc/securetty file. This file lets you specify on which ttys and virtual consoles (VCs) root is allowed to log in. Root can log in only on the ttys and VCs listed there; on any other tty or VC the root user is not allowed to log in, and a user has to "su" to become root.

Disable all accounts on the system which you do not use, for example:

userdel adm
userdel operator

Also remove the groups

groupdel adm
groupdel operator

Then make the following files immutable

chattr +i /etc/passwd
chattr +i /etc/shadow
chattr +i /etc/gshadow
chattr +i /etc/group

Note: If you need to edit one of these files for some reason, remove the immutable bit first, like this:

chattr -i /etc/

Change the mode of "rpm" binary so that only root is able to use it.

chmod 700 /bin/rpm

Increase the security of the /etc/rc.d/init.d/ files by changing the permissions of all the files to 700, like this:

chmod -R 700 /etc/init.d/*

Remove the /etc/issue and /etc/issue.net files. /etc/issue.net is the banner that users see when they log in to the system remotely.

Find the SUID and SGID files on the system and keep a list for your reference, so that if the system gets compromised you can compare it against the system and see what has changed. To find the files use:

find / -type f \( -perm -04000 -o -perm -02000 \) -exec ls -l {} \; > SuSgfiles

This creates a file "SuSgfiles" listing the files on which the SUID and SGID bits have been set.
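
The reference list is only useful if it is compared against the system again later. The following is an added example, not part of the original article, that records a baseline and reports what changed; the function names and the demo files are hypothetical, and GNU find, stat and comm are assumed.

```shell
#!/bin/sh
# Added example: baseline and later re-check of SUID/SGID files.
# Assumes GNU find, stat and comm; function names are hypothetical.

# Print "mode owner group path" for each SUID/SGID regular file under $1,
# staying on one filesystem, sorted so two snapshots can be compared.
suid_snapshot() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec stat -c '%a %U %G %n' {} + 2>/dev/null | LC_ALL=C sort
}

# Compare two snapshot files: baseline ($1) and current ($2).
# "+" lines exist only in the current snapshot (new file, or new mode/owner);
# "-" lines exist only in the baseline. Returns 1 when anything differs.
suid_changes() {
    changes=$(LC_ALL=C comm -13 "$1" "$2" | sed 's/^/+ /'
              LC_ALL=C comm -23 "$1" "$2" | sed 's/^/- /')
    [ -z "$changes" ] && return 0
    printf '%s\n' "$changes"
    return 1
}

# Demonstration on a constructed directory tree (not real system paths).
suid_demo() {
    work=$(mktemp -d) || return 2
    mkdir "$work/root"
    : > "$work/root/passwd-like"
    chmod 4755 "$work/root/passwd-like"      # SUID file known at baseline time
    suid_snapshot "$work/root" > "$work/baseline"

    : > "$work/root/.hidden-helper"
    chmod 4755 "$work/root/.hidden-helper"   # SUID file that appeared later
    chmod 4711 "$work/root/passwd-like"      # mode changed on a known file
    suid_snapshot "$work/root" > "$work/current"

    status=0
    suid_changes "$work/baseline" "$work/current" || status=$?
    rm -rf "$work"
    return "$status"
}
```

On a real host, run `suid_snapshot / > SuSgfiles` as root right after installation, keep that file somewhere an intruder cannot rewrite it, and compare later snapshots against it with `suid_changes`.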

Find unusual or hidden files:

find / -xdev -name ".. " -print
find / -xdev -name ".*" -print | cat -v

Find group- and world-writable files:

find / -type f \( -perm -2 -o -perm -20 \) -exec ls -lg {} \;

For finding directories use the command below

find / -type d \( -perm -2 -o -perm -20 \) -exec ls -ldg {} \;

To find the unowned files

find / -nouser -o -nogroup

This covers the basic GNU/Linux settings which will make the system secure. You also have to consider the applications your server is supposed to serve: if it is running, for example, a web server or an FTP server, there are various other steps which you need to cover for securing those applications.

 



 
