Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ Some safety precautions of Linux servers     - Automatic batch resolve dependencies problem locally installed rpm package (Linux)

- Oracle 11g RAC root.sh execution error second node failure example (Database)

- Netapp storage routine inspections and information gathering (Linux)

- Linux system crash (no such file or directory) How to rescue database (Linux)

- Java Concurrency: synchronized (Programming)

- How to Install Suricata IDS on a Linux system (Server)

- ORA-01839 error caused by incorrect system date setting (Database)

- Linux port mapping system (routing and forwarding) (Server)

- Let Markdown code syntax highlighting and support Django1.6 (Linux)

- Linux server alarms using Java (Server)

- C ++ based foundation: the difference between C and C ++ (Programming)

- Java reflection Introduction (Programming)

- Let the terminal under Mac OS X as like Linux has displayed a variety of colors (Linux)

- The principle Httpclient4.4 (HttpClient Interface) (Programming)

- Java keyword final, static (Programming)

- Install Redis 2.6 5.5 32 position CentOS error resolved (Linux)

- Enterprise-class GitHub warehousing environment build (Server)

- Eight sorting algorithm implemented in Python (Programming)

- The text formatting tools awk Linux system (Linux)

- iptraf: A Practical TCP / UDP network monitoring tools (Linux)

  Some safety precautions of Linux servers
  Add Date : 2018-11-21      
  If the owners of the Linux server can be a non-authorized users access to (such as IDC server on the public room, the public office), then it has some security risks.

Into the system using the single-user mode

Linux boot after boot: prompt, use a special command, such as linuxsingle or linux 1, will be able to enter single user mode (Single-User mode). This command is useful, such as forget super user (root) password. Reboot the system, the boot: prompt enter linux single (or linux 1), after the super user access system, edit the Passwd file, remove the root line of x can be.


The super user (root) into the system, edit / etc / inittab file, change the id: 3:

initdefault setting, in which the additional line is added (see below), let the system reboot into single user mode when prompted for super user password:

~ ~: S: walt: / sbin / sulogin

Then execute the command: / sbin / init q, so this setting take effect.

Transfer to the core during system startup dangerous parameters most commonly used boot loader in Linux (boot loader) tool is LILO, it is responsible for managing the boot system (can add other partitions and operating system). But some illegal users may easily start Linux or risk parameters passed to the kernel at system startup, which is quite dangerous.


Edit the file /etc/lilo.conf, which was added in the restricted parameters, this parameter must be used with the following parameters of a password to talk, indicating that at the boot: prompt, some of the parameters passed to the Linux kernel, you need to enter your password. password parameter can be used together with the restricted, but also can be used alone, the following will explain. Used in conjunction with restricted: only at startup parameters passed to the kernel, will be required to enter a password, and in the normal (default) mode, the password is not required, it must pay attention.

Alone (not used in conjunction with restricted): that no matter what boot mode, Linux always requires a password; If there is no password, no way to boot Linux, a higher degree of safety in this case, the equivalent of the peripheral joined a layer of defense. Of course there are disadvantages - you can not remotely reboot the system, unless you add restricted parameters.

Because the password is not encrypted clear text, so the /etc/lilo.conf file must be set to read only the super user can be set using the following command:

c hmod 600 /ietc/lilo.conf

Then execute the command: / sbin / lilo -V, writes boot sector, and to make this change to take effect.

^ D '/ [&

In order to strengthen security /etc/liIo.conf files, you can also set this file as immutable attribute, use the command:

c hattr ten i / etc / lilo.conf

If in the future you want to modify /etc/liIo.conf file with chattr -i / etc / lilo.conf command can remove this attribute.

Use "Ctrl + Alt + Del" key combination to restart this point is very important and very easy to overlook, if unauthorized users have access to the servers' keyboard, he can use the key combination "Ctrl + AIt + Del" to make your server restart.


Edit / etc / inittab file, to the ca :: ctrlaltdel: / sbin / shutdown-t3 -r now annotate ### ca :: ctrlaltdeI: / sbin / shutdown-t3 -r now.

Then execute the command: / sbin / init q, make the changes to take effect.
- RedHat Redis Linux installation (Database)
- Oracle Database asynchronous IO cause slow query response (Database)
- Linux common commands ll namely ls -l --color = auto (Linux)
- Plasma 5.4 How to install on Kubuntu 15.04 (Linux)
- numpy and SciPy installation under Python for scientific computing package (Linux)
- Linux Bash share tips for getting started (Linux)
- MySQL Data Types (Database)
- Oracle 11g RAC automatically play GI PSU patch ( (Database)
- 3 tips Linux command (Linux)
- How to create SWAP files in Ubuntu 14.04 (Linux)
- How to fix Ubuntu / Mint can not add PPA source of error (Linux)
- Android developers learning Adapter (data adapter) (Programming)
- Python 3 for instructions encoded string conversion (Programming)
- Ubuntu 14.04 installed NVIDIA graphics driver (Linux)
- 10 Regulation of painless SQL Schema (Database)
- C ++ precision performance test function (Programming)
- Linux iostat command example explanation (Linux)
- The principle Httpclient4.4 (HttpClient Interface) (Programming)
- Let Linux operating system more secure (Linux)
- Linux in order to make NMAP hide and seek with the firewall (Linux)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.