摘要:
linux 白皮书
关于本词汇表
对于初涉 linux& 世界的 microsoft& windows& 用户而言,有许多新的术语需要学习。本词汇表简明地解释了 linux 产品常用的许多术语、首字母缩写词和缩写的意思和意义。(其中有些术语并不是 linux 所特有的,但许多 windows 用户可能仍然对它们感到很陌生。)本文档将有助于澄清对 linux 的一些......
摘要:
rhas3.0 + qmail + mysql + smtp + vpopmail + igenus + qmailadmin
一、安装说明。
为了方便安装我在安装redhat3.0时选了apache、php、mysql,注意mysql-devel和mysql-server开发包一定要装上,其中mysql-server可以在网上找原码重编译生成也可以到我的ftp下载:ftp://down......
Linux Security Tips
[code:1:8d0bc392ea]
【程序编程相关:
[原創][分享]用 MAC 來定網卡編號】 【推荐阅读:
使用Yum把Redhat旧版本升级到Fe】
【扩展信息:
RedHat 7.3 Live in C】 linux security tips
by kapil sharma
--------------------------------------------------------------------------------
in this article i will explain how to make your linux box secure by taking basic security measures. this article will enable anybody to tighten the security of a redhat linux box.
bios security
always set a password on bios to disallow booting from floppy by changing the bios settings. this will block undesired people from trying to boot your linux system with a special boot disk and will protect you from people trying to change bios feature like allowing boot from floppy drive or booting the server without password prompt.
lilo security
add the three parameters in "/etc/lilo.conf" file i.e. time-out, restricted and password. these options will ask for password if boot time options (such as "linux single") are passed to the boot loader.
step 1
edit the lilo.conf file (vi /etc/lilo.conf) and add or change the three options :
boot=/dev/hda
map=/boot/map
install=/boot/boot.b
time-out=00 #change this line to 00
prompt
default=linux
restricted #add this line
password=<password> #add this line and put your password
image=/boot/vmlinuz-2.2.14-12
label=linux
initrd=/boot/initrd-2.2.14-12.img
root=/dev/hda6
read-only
step 2
the "/etc/lilo.conf" file should be readable by only root because it contains unencrypted passwords.
[root@kapil /]# chmod 600 /etc/lilo.conf (will be no longer world readable).
step 3
update your configuration file "/etc/lilo.conf" for the change to take effect.
[root@kapil /]# /sbin/lilo -v (to update the lilo.conf file).
step 4
one more security measure you can take to secure the "/etc/lilo.conf" file is to set it immutable, using the chattr command.
* to set the file immutable simply, use the command:
[root@kapil /]# chattr +i /etc/lilo.conf
this will prevent any changes (accidental or otherwise) to the "lilo.conf" file.
for more information about lilo security, read my article on lilo.
disable all special accounts
you should delete all default users and group accounts that you dont use on your system like lp, sync, shutdown, halt, news, uucp, operator, games, gopher etc
to delete a user account :
[root@kapil /]# userdel lp
to delete a group:
[root@kapil /]# groupdel lp
choose a right password
you should follow the following guidelines before choosing the right password.
...
下一页 摘要:
一个数据库备份的脚本,数据库密码写在里面了,需要人手执行它,但不想里面的密码被人看到,chmod 111 不行,因为是脚本,读不了就执行不了了,尝试过使用suid但好象也不行,不知道是我没用对还是根本就没有办法??
pdiunix 回复于:2004-02-27 12:26:28
用vi时候用:x加密码。
camp 回复于:2004-02-27 13:41:5......
