linux新服务器安全小步骤
更改 ssh port
cd /etc/ssh
vi sshd_config
重启 ssh service
service sshd restart
更改root密码
passwd
更改 /etc/inittab文件
启动 mode 为 3
关闭不必要的tty
关闭不必要service
setup 或 chkconfig
chkconfig –level 3 acpid off
chkconfig –level 3 anacron off
chkconfig –level 3 atd off
chkconfig –level 3 auditd off
chkconfig –level 3 autofs off
chkconfig –level 3 cpuspeed off
chkconfig –level 3 ip6tables off
chkconfig –level 3 iptables off
chkconfig –level 3 irqbalance off
chkconfig –level 3 lvm2-monitor off
chkconfig –level 3 mcstrans off
chkconfig –level 3 mdmonitor off
chkconfig –level 3 messagebus off
chkconfig –level 3 microcode_ctl off
chkconfig –level 3 netfs off
chkconfig –level 3 rawdevices off
chkconfig –level 3 readahead_early off
chkconfig –level 3 restorecond off
chkconfig –level 3 smartd off
chkconfig –level 3 xfs off
chkconfig –level 3 yum-updatesd off
如下几个service需要开启:
crond
network
sshd
syslog
删除用不到的系统用户
userdel news
userdel games
userdel gopher
userdel ftp
userdel xfs
重新启动机器
shutdown -r now
1条评论 ▼