Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Linux operating system security settings initial understanding     - Linux Desktop allows exceptionally different launch applications (Linux)

- Under Ubuntu 15.04 installation JDK8 (Linux)

- Linux, security encryption to transfer files between machines (Linux)

- SSH without password (Linux)

- Linux server remote user to obtain root privileges prevention (Linux)

- Kubernetes cluster deployment (Server)

- Java Learning: elegant string (Programming)

- Install Mac OS X 10.9 systems VMware10 (Linux)

- Linux system monitoring tool set cpu (Linux)

- A brief introduction to some important Docker commands (Server)

- Install Visual Studio Code in Ubuntu (Linux)

- How to test your MongoDB application upgrade? (Database)

- Regular expressions in Perl (Programming)

- Performance comparison Fibonacci recursive and non-recursive (Programming)

- Jigsaw project will solve the problem of Java JAR hell Mody (Programming)

- MySQL fuzzy query: LIKE and REGEXP pattern mode (Database)

- mysqldump issue a note (Database)

- RedHat Linux 6 desktop installation (Linux)

- FFmpeg compiled with only H264 decoding library (Programming)

- CentOS / Debian configuration Gitlab 7.1x to build self Git repository (Linux)

 
         
  Linux operating system security settings initial understanding
     
  Add Date : 2018-11-21      
         
         
         
  As I write this article at the same time, somewhere in the world, and perhaps there is a computer in his home the first time you install release Linux. A new Linux administrators by their families and friends set up an account to make the system up and running. Perhaps not long after the initial installation is complete, the Linux system this will be very grateful to access high-speed DSL Internet.

Still vulnerable to attack

Today, almost all the available linux release loopholes in terms of security, in which most of the vulnerability is easily scored, but unfortunately by usages and practices, they are open. A typical installation of Linux when you first start to provide a wide variety of services that can be attacked, such as SHELL, IMAP and POP3. These services are often idle their users need to be used as an entry point to break the system, not only Linux limitations - well-weathered commercial UNIX also provide such services, but will also be a breakthrough.

Do not complain and blame the new system of locks (professional argument sturdy system) is very important. Believe it or not, a Linux system is robust process does not require too many system security expertise. In fact, you can in 5 minutes you can put unreliability Ninety percent of the masked.

let's start

Before starting rugged system, you should ask yourself the role of the machine used to comfort and access to the Internet. You have to carefully determine the service provided by the entire world, if you are not sure, it is best to do nothing. Clear understanding of their security strategy is very important. To decide on your own system using what is acceptable and what is unacceptable.

The goal of this article is an example of the machine as a workstation to send and receive mail, read news, browse the web, and so on.

Establishing Web services security

First, the superuser (root) login to the system to see with netstat command (which is standard on most Linux systems network tools) about the current state of the network, such as the output result is:

root @ percy /] # netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *: imap2 *: * LISTEN
tcp 0 0 *: pop-3 *: * LISTEN
tcp 0 0 *: linuxconf *: * LISTEN
tcp 0 0 *: auth *: * LISTEN
tcp 0 0 *: finger *: * LISTEN
tcp 0 0 *: login *: * LISTEN
tcp 0 0 *: shell *: * LISTEN
tcp 0 0 *: telnet *: * LISTEN
tcp 0 0 *: ftp *: * LISTEN
tcp 0 0 *: 6000 *: * LISTEN
udp 0 0 *: ntalk *: *
udp 0 0 *: talk *: *
udp 0 0 *: xdmcp *: *
raw 0 0 *: icmp *: * 7
raw 0 0 *: tcp *: * 7
     
         
         
         
  More:      
 
- Sort sql MySQL 5.6 upgrade slow Cause Analysis (Database)
- The principle Httpclient4.4 (execution request) (Programming)
- Git version rollback (Linux)
- Linux redirection and piping (Linux)
- Linux systems dmesg command processing failures and system information collected seven usage (Linux)
- Eclipse Android development environment installation (Linux)
- IOwait Linux system monitoring diagnostic tools (Linux)
- FreeRadius installation process record (Linux)
- Enable Intel Rapid Start in GNU / Linux (Linux)
- Linux platform host to prevent hacking skills (Linux)
- Linux mount command Detailed (Linux)
- Linux upgrade GCC 4.8.1 clear and concise tutorials (Ubuntu 12.04 64-bit version as an example) (Linux)
- Servlet life cycle code examples (Programming)
- Linux common network tools: ping host sweep (Linux)
- Spring MVC Exception Handling (Programming)
- Linux IPTables anti-DDOS attack Shell Scripting (Linux)
- Bash difference in single quotes and double quotes (Programming)
- Migu online music player for Linux (Linux)
- How to Install Linux kernel 4.0 on Ubuntu / CentOS (Linux)
- Process safety monitoring and protection under the Linux operating system (Linux)
     
           
     
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.