Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ Linux operating system security settings initial understanding     - Single-node Hadoop environment to build (Server)

- C language files update in real time (Programming)

- Using Python and OpenCV detecting image barcode (Programming)

- How to Debian Linux the default Python version switch to alternative version (Linux)

- dd command: do hard disk IO performance test (Linux)

- and localhost difference (Server)

- Hunk / Hadoop: Performance Best Practices (Server)

- Python script running in the background (Programming)

- Cobbler batch install Ubuntu / CentOS system (Linux)

- Linux source code analysis tool (Linux)

- VMware difference in three network connection (Linux)

- Ubuntu Eclipse configuration Gtk + 2.0 libraries (Linux)

- Detailed reference Oracle 11g Partition (Database)

- Relationship between Linux permissions with the command (Linux)

- Linux kernel IPv6 protocol closed manner (Linux)

- Fedora 20 users install the Mate 1.8 desktop (Linux)

- Struts2 Result Types (Programming)

- Hadoop1.2.1 plug compilation (Server)

- HttpClient Tutorial (Programming)

- Fast Learning Clojure (Programming)

  Linux operating system security settings initial understanding
  Add Date : 2018-11-21      
  As I write this article at the same time, somewhere in the world, and perhaps there is a computer in his home the first time you install release Linux. A new Linux administrators by their families and friends set up an account to make the system up and running. Perhaps not long after the initial installation is complete, the Linux system this will be very grateful to access high-speed DSL Internet.

Still vulnerable to attack

Today, almost all the available linux release loopholes in terms of security, in which most of the vulnerability is easily scored, but unfortunately by usages and practices, they are open. A typical installation of Linux when you first start to provide a wide variety of services that can be attacked, such as SHELL, IMAP and POP3. These services are often idle their users need to be used as an entry point to break the system, not only Linux limitations - well-weathered commercial UNIX also provide such services, but will also be a breakthrough.

Do not complain and blame the new system of locks (professional argument sturdy system) is very important. Believe it or not, a Linux system is robust process does not require too many system security expertise. In fact, you can in 5 minutes you can put unreliability Ninety percent of the masked.

let's start

Before starting rugged system, you should ask yourself the role of the machine used to comfort and access to the Internet. You have to carefully determine the service provided by the entire world, if you are not sure, it is best to do nothing. Clear understanding of their security strategy is very important. To decide on your own system using what is acceptable and what is unacceptable.

The goal of this article is an example of the machine as a workstation to send and receive mail, read news, browse the web, and so on.

Establishing Web services security

First, the superuser (root) login to the system to see with netstat command (which is standard on most Linux systems network tools) about the current state of the network, such as the output result is:

root @ percy /] # netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *: imap2 *: * LISTEN
tcp 0 0 *: pop-3 *: * LISTEN
tcp 0 0 *: linuxconf *: * LISTEN
tcp 0 0 *: auth *: * LISTEN
tcp 0 0 *: finger *: * LISTEN
tcp 0 0 *: login *: * LISTEN
tcp 0 0 *: shell *: * LISTEN
tcp 0 0 *: telnet *: * LISTEN
tcp 0 0 *: ftp *: * LISTEN
tcp 0 0 *: 6000 *: * LISTEN
udp 0 0 *: ntalk *: *
udp 0 0 *: talk *: *
udp 0 0 *: xdmcp *: *
raw 0 0 *: icmp *: * 7
raw 0 0 *: tcp *: * 7
- Let MySQL 5.6 support Emoji expression (Database)
- Hibernate4 The Hello World (basic environmental structures) (Programming)
- Java data structures - the single linked list LinkedList linear table (Programming)
- Linux screen command (Linux)
- How to clear the v $ archived_log view expiration information (Database)
- About Linux operating system security (Linux)
- Node.js simple interface server (Server)
- pdf.js Tutorial (Linux)
- SSH keys using login and password to log prohibited practice (Linux)
- Linux argument references and command substitution (Linux)
- System Safety: Windows and Linux platforms (Linux)
- Use Visual Studio 2015 to develop Android program (Programming)
- Dialogue UNIX:! $ # @ *% (Linux)
- A script to make your Ubuntu 14.04 Memory screen brightness (Linux)
- Ubuntu users to install Gnome-Pie 0.6.5 (Linux)
- Keepalived + HAProxy high availability load balancing (Server)
- apt-get install openstack pkg Troubleshooting (Linux)
- Oracle 12c of the auto-increment Identity Columns (Database)
- Function Getting the Linux shell (Programming)
- Linux Platform Oracle 11g Single Instance Installation Deployment Configuration Quick Reference (Database)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.