140 likes | 154 Views
Explore essential tips and tricks for enhancing security on a Linux system, covering account management, local and network security, patch management, and service protection for applications like Sendmail, BIND/DNS, Apache, and FTP servers. Stay informed about recent Linux security threats and get actionable guidance on how to secure your system effectively.
E N D
Linux Security 資管研究生 劉順德
Outline • General Security • Account • Local • Network • Patch • Services Security • Sendmail • BIND/DNS • Apache • FTP • Recent Linux security information • Linux worm
General Security • Account • The password length • Set login time out for root account • Special account • Blocking anyone to su to root
General Security • Local • Find all files with SUID/SGID bit enabled • Local login access control • More control on mounting a file system • Fix the permissions under “/etc/rc.d/init.d” • Resource limits • Integrity Checking
General Security • Network • Use xinetd • An program to replace inetd and tcp wrapper • Routing Protocol • Disable source routing • Enable TCP SYN Cookie Protection • Echo 1> /proc/sys/net/ipv4/tcp_syncookies • Clear issue file
General Security • Patch • Patch information : • http://www.redhat.com/support/errata/ • Download • ftp://updates.redhat.com/ • Integrity Check • rpm –checksig <PatchFile> • Install : • Rpm –Uvh <PatchFile>
Securing Sendmail • The Sendmail restricted shell “smrsh” • The “/etc/aliases” file • Prevent your sendmail being abused by unauthorized users • Restrict who may examine the queue’s contents • Set the immutable bit on important sendmail files
Securing BIND/DNS • Running BIND/DNS in a chroot jail
Securing Apache • Change some inportant permission file and directories of your web server • Automatic indexing • Create the .dbmpasswd password file for users authentication • Immunize important configuration file like “httpd.conf” • Running apache in a chroot jail • Configuration of the new “/etc/logrotate.d/apache” file
Securing FTP server • The ftpusers file • The anonymous FTP program • The upload command • The special file “.notar” • The noretrieve command
Recent Linux security information • Linux worm • Radmen (infect Redhat6.2 & 7.0) • Lion (infect Bind 8.2.x ) • The Same features • According an Vulnerability to attack • The same work flow
Logging ip Syn scan attack ftp
Reference • www.securityfocus.com • Securing and Optimizing RedHat Linux • Maximum Linux security • Linux security How-To