Wednesday, October 11, 2006
find . -name "*.ext"
find . -user mike                      # owned by mike
find . -type d                         # all directories; -type f for all files
find . -size +1024M                    # more than 1 GB
find . -name '*.jpg' ! -name 'bb*'     # all jpgs except those that start with bb
find /etc -mtime -1                    # all files in /etc that have [...]
RPM packages have file names like foo-1.0-2.i386.rpm, which include the package name (foo), version (1.0), release (2), and architecture (i386). To display package information before installing the program, use the command:
    # rpm -qpi foo-2.3-8.i386.rpm
To install an RPM package, use the command:
    # rpm -ivh foo-1.0-2.i386.rpm
To upgrade a [...]
Linux has a special command (linux single) also known as ‘single-user mode’, which can be entered at the boot prompt during startup of the system. The single-user mode is generally used for system maintenance. You can boot Linux in single-user mode by typing at the LILO boot prompt the following command:
    LILO: linux single
This [...]
Configure the /etc/exports file with the most restrictive access possible. This means not using wildcards, not allowing root write access, and mounting read-only wherever possible. Edit the exports file (vi /etc/exports) and add, as an example:
    /dir/to/export host1.mydomain.com(ro,root_squash)
    /dir/to/export host2.mydomain.com(ro,root_squash)
Where /dir/to/export is the directory you want to export, host1.mydomain.com is the machine allowed [...]
- Mounting the boot partition read-only increases the security of the kernel. This is how you do it in /etc/fstab:
    LABEL=/boot /boot ext2 defaults,ro 1 2
And reload the changes:
    # mount /boot -oremount
And yes, make it writable when you are planning a kernel upgrade. Otherwise the new kernel won't be able to enter
Other security options in the fstab [...]
By default, when you log in to a Linux machine, it tells you the Linux distribution name, version, kernel version, and the name of the server. This gives away too much information. We’d rather just prompt users with a “Login:” prompt. To do this, edit the rc.local file (vi /etc/rc.local) and place “#” in front [...]
To find all files with the ‘s’ bits from root-owned programs, use the command:
    # find / -type f \( -perm -04000 -o -perm -02000 \) -exec ls -l {} \;
software named “sXid” that will do the job for you automatically each day and report the results via mail. To disable the suid bits [...]
The password length
Edit the passwd file (vi /etc/pam.d/passwd) and remove the following line:
    password required /lib/security/pam_stack.so service=system-auth
Edit the system-auth file (vi /etc/pam.d/system-auth) and remove the lines:
    password required /lib/security/pam_cracklib.so retry=3
    password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow
    password required /lib/security/pam_deny.so
Now add the following lines to /etc/pam.d/passwd. We use the PAM “pam_cracklib” module [...]
Fix the permissions of the script files that are responsible for starting and stopping all your normal processes that need to run at boot time. To fix the permissions of those files, use the following command:
    [root@deep /]# chmod -R 700 /etc/init.d/*
Which means just the super-user “root” is allowed to Read, Write, and Execute [...]
http://www.securityfocus.com/infocus/1613