Tuesday, November 30, 2010

Helping you build a secure Linux platform

Author: Yang Wei Yu

If you have installed Linux on your computer but have not yet taken any security measures, you should learn the basics of Linux security and then use the techniques described in this article to make your Linux platform more secure.

Of course, I have only hardened my Linux platform according to my own needs, so this may not fully meet your requirements, but I think it should be of some help.

Security needs

At home, I use Red Hat Linux. I rarely shut the machine down, and I often use it on the Internet over a broadband connection. In other words, my machine is online most of the time. For this computer's security, I have two things to consider:

1. I want to keep hidden the data and documents that I do not want others to see.
2. I do not want uninvited guests using my computer's resources.

There is a lot of important data on my computer, and I think most people keep important documents and data on theirs. I don't want anyone besides me to read or write those files. Nor do I want an intruder using my machine to attack another target. If I found someone using my machine to attack others, I would be very angry, and I expect you would feel the same way. The unsettling part is that sometimes our own machine has been hacked and is playing the role of attacker against other systems while we are kept in the dark.

Making a security plan

Right from the installation of the Linux system, I configure Iptables in the kernel. Iptables is regarded as the fourth generation of Linux packet-filtering applications. The first generation was ipfw, which Alan Cox ported from BSD Unix for the Linux 1.1 kernel. In the Linux 2.0 kernel, Jos Vos and other programmers extended ipfw and added the ipfwadm user tool. In the Linux 2.2 kernel, Russell and Michael Neuling made some very important improvements: Russell added the ipchains tool, which helps users control the filtering rules in the kernel. Now Russell has completed a kernel framework called NetFilter, whose purpose is to give users an underlying structure dedicated to packet filtering.
Users and developers can also build it into the Linux kernel. Iptables is a module built into the NetFilter framework. It gives the user access to the kernel's filtering rules and commands. If you know ipchains, Iptables is actually very similar. By configuring Iptables, I can block any packets coming into or going out of my machine. This is important because my machine is online 24 hours a day. With this protection in place, my machine can always block attacks of various kinds from the network. Using and configuring Iptables is not difficult, and in this limited space I will not discuss it (readers can easily find the relevant information on the Internet).

Next is LIDS (Linux Intrusion Detection System). LIDS takes the form of a kernel patch. It improves the security of your computer by restricting access to files and processes, and it alerts you when something attempts to break those restrictions. Another advantage of LIDS is that it can limit even the permissions of the root account. Because root's permissions are limited, the damage is kept to a minimum if an intruder obtains root privileges. I use LIDS to protect the system binaries, the log files in the /var/log directory, and the configuration files in the /etc directory. I mark the binary files as Readonly so that no one, including the root user, can modify them. I mark the log files as Append: files in that directory can be written to, but existing data cannot be modified or deleted.

Next I minimize the services running on the machine. The fewer services a machine runs, the less likely someone is to break into it. By default, many Linux distributions run a lot of resident programs (daemons), which in my opinion is not very reasonable. So I turned off Telnet, FTP, and all the programs whose names start with the letter "r". That way I avoid the threat to the system that comes from sometimes being late to upgrade or install patches.
For the services I have to use, I try to install security patches promptly. If a vulnerability is discovered in a service and no patch is available yet, I shut the service down temporarily until a fix appears. After minimizing the services running on the computer, I use the "netstat -l" command to see what is listening. The aim is to make sure I have not missed any service I don't need. Skipping this check makes mistakes likely. If it shows a service I don't need listening, that can be fixed.

Using the emergency door

In the computer world there is no absolute security, which means you cannot completely prevent hacker attacks. Although my computer has not been attacked before, I never think of it as 100% safe. In my first few months of using Linux, I almost never considered its security. I was mostly concerned with getting the new operating system to work, and to work better. Then I put more effort into learning basic Linux commands and how to use the system, and had none left for anything else. During that time I suffered many attacks. Although none of them did fatal damage, thinking back on it still makes me uneasy.

Well, since your machine is always going to be a target of attack, let us look at how to handle the aftermath. First, look at TCT (The Coroner's Toolkit, http://www.porcupine.org/forensics/tct.html), which is a good tool. It runs on Linux, FreeBSD, OpenBSD, Solaris, Unix and other platforms. It can analyze the times at which files were last modified, accessed, or changed, and, based on inode values, extract file listings and data for recovery. You can run it on a machine that you suspect has been compromised. Once started, the tool collects data from your hard drive and checks it. However, I find this tool too difficult for beginners to use.
So if you have never used TCT, you will have to read a great deal of documentation before using it. Fortunately, the tool's home page has a number of HOWTO documents, so anyone who wants to try it can look at those first. If the English documents are hard going, you can search Google's Chinese pages for the keyword TCT and find a lot of related material in Chinese.

Securing transmitted information

By default, information sent over the network is not secure: what you transmit over the Internet can be seen by anyone along the way. You can test this with traceroute. Enter "traceroute www.google.com" on the command line and you will see how many machines the packets of a search you submit to Google pass through, each of which can see them. Usually, when I log on to a site, I want to make sure I am using a secure HTTPS page. HTTPS uses SSL to encrypt the data in transit. Without it, the data I send can easily be captured by machines tapping the line. For example, Yahoo provides secure login and submission for its various Web services. I have a Yahoo email account, and with it I can log in at any time to check my mail without worrying about others peeping at my information.

For remote management, I use the ssh and scp programs in place of Telnet and FTP. They are very easy to install, and their functions fully meet my needs. Once they are installed, I open the corresponding port in the Iptables configuration so that I can connect to the machine from outside.

That is a brief description of how I make my own machine secure. I hope these experiences help everyone use Linux safely.
