| |
Now many small users for business development, and constantly update or upgrade the network, resulting in a large difference in their own user environment, uneven across the network platform, the server they use a Linux system, and PC side using Windows systems. So in enterprise applications often Linux / Unix and Windows operating systems co-exist the formation of heterogeneous networks. SMEs lack of experienced Linux administrators and network security products procurement funds, so for lack of a comprehensive network security is often a lack of consideration. It will secure server security and network devices to address enterprise and other troubles.
Close unused ports
Any network connection through an open application ports to achieve. If we as little as possible to open ports to make network attacks become a source of water, thereby greatly reducing the attackers chance of success.
First, check your inetd.conf file. inetd tarried on certain ports, ready for you to provide the necessary services. If someone developed a special inetd daemon, where there is a security risk. You should comment out those who never used the service in the inetd.conf file (eg: echo, gopher, rsh, rlogin, rexec, ntalk, finger, etc.). Note unless absolutely necessary, you must comment out the rsh, rlogin and rexec, and telnet suggest you use ssh instead of more secure, then kill lnetd process. Such monitoring is no longer inetd daemon on your machine, so as to prevent some people use it to steal your application port. Your best is to download a port scanner to scan your system, you do not know if there are open ports, immediately find the process is using it to judge whether or not to close them. |
|
|
|