Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ AIX system file security aspects     - shell script: MySQL monitoring service is normal (Database)

- HAproxy let IP recording back-end RS (Server)

- Linux unpack the tar file to a different directory (Linux)

- CentOS 7.0 running Docker kernel error solution (Server)

- Oracle Database Delete Delete million or more common method of heap table data (Database)

- Linux use additional rights (Linux)

- Deploy the project to the server from GitHub (Server)

- Java input and output common class Scanner (Programming)

- libnet list of functions (Programming)

- How to query the role of Linux services (Linux)

- MySQL partition summary (Database)

- ARM constant expression (Programming)

- Installation and configuration under Linux SVN server - Backup - Recovery - Scheduled Tasks (Server)

- Android Touch message passing mechanism analysis (Programming)

- Oracle data files deleted recover after physical (Database)

- Scala REPL Shell call (Programming)

- Ubuntu 15.10 / 14.04 install subtitling software Aegisub (Linux)

- Hard disk encryption to protect data security (Linux)

- GNU / Linux enable Intel Rapid Start (Linux)

- Build a super simple "hardware" firewall router (Linux)

  AIX system file security aspects
  Add Date : 2017-01-08      
  This article discusses how to check the security of files, directories and executable programs on AIX systems, to prevent possible security risks.

1. Delete junk files

After many programs finished running, it will leave a lot of junk files in the / tmp directory. AIX system provides a command skulker, it can remove a.out file / tmp directory, core file and ed.hup files. Specific command mode is:

# Skulker -p

2. Delete the file owner

On AIX systems if a user is deleted, the original part of the user's files will become the owner of the file no. You can use the following command to find these files:

# Find / -nouser -ls

If the document is also used to find out too, you can assign them to some user already exists under. Otherwise, delete these files.

3. Management unauthorized remote access

Some programs use .rhosts file access remote systems. But sometimes this practice by unauthorized users. To avoid this, you can delete the .rhosts file.

In HACMP environment, .rhosts file is required. Then you need to access .rhosts file is set to 600, and the owner is root.system.

The following command can be used to find .rhosts file:

# Find / -name .rhosts -ls

4. Monitoring of the executable file properties

Prior to monitor certain executable files, you need to understand how these files are being used. Especially those to monitor owner is root, the word of papers in files SUID and SGID settings.

The following command can find all the files above conditions are met:

# Find / -perm -4000 -user 0 -ls

# Find / -perm -2000 -user 0 -ls

Save the above command output. Timed Run these two commands, and compared with the saved results to see if there are unknown file appears to prevent possible security risks.

5. The management background job running cron and at

You must do the following:

- Ensure that only the root user cron.allow and at.allow file.

- From the directory var / adm / cron remove cron.deny and at.deny files.

- Ensure that the owner cron and at jobs that root and only writable by root.

We are talking about the contents of the above file AIX system in terms of security instructive. In particular, consider using AIX security system should also be considered more content areas.
- Java Set and List in the relationship and difference (Programming)
- Spark parquet merge metadata problem (Server)
- Ubuntu and derived versions of the user how to install G Mic (Linux)
- How to Install Node.js in CentOS 7 (Linux)
- Linux script commands - terminal recorder (Linux)
- Wildcards and special symbols usage comments under Linux (Linux)
- Three binary tree traversal (recursive, non-recursive traversal and Morris) (Programming)
- Linux Security (Linux)
- Interesting example of Linux Sort command (Linux)
- MongoDB data replication and data slices (Database)
- Android source code compiled fatal error solutions (Programming)
- Linux System Getting Started Tutorial: How to automatically set the JAVA_HOME environment variable on Linux (Linux)
- How to use the tab in Vim carried Python code completion (Linux)
- Git uses a small mind (Linux)
- configuration ssh without password under Linux (Linux)
- Python KNN algorithm of actual realization (Programming)
- How to create an alternative Android / iOS connected wireless hotspot AP in Ubuntu 15.04 (Linux)
- Linux stand-alone OGG synchronous Oracle 11g DB test (Database)
- cat command uses the Linux redirection merge files (Linux)
- Oracle 11g user rights management study notes (Database)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.