Linux as a symbol of freedom and openness, more and more customers concern, but the real use of individual user less, mainly because its system characteristics, and surrounding software developers less, so that it only has the server systems.
It's a bit of protection, the author describes: (1) it is necessary to prevent access to important files on Linux not like Windows, it is not only released the source code, the core program can also be modified based on user needs of arbitrary, but for some of the key file if inetd.conf and lilo.conf, etc, the same can be (remote login user) to modify, to help protect system security, you can modify its properties in advance in order to prevent the illegal invasion and modified. First enter the Linux command interface, enter the command: # chmod600/etc/inetd.con change file attributes is 600. Then enter the command: # chattr + I/etc/inetd.con guarantees that the owner of the file to the root. Thus, on the file of any change will be disabled. Only through the command: # inetd.con chattr-i/etc/root after reset Reset flag can be modified. 2. Prohibition of remote access on Linux is available through the/etc/hosts.allow and/etc/hosts.deny the 2 files allow and deny remote host access to local services. By entering the Linux command interface, the hosts.deny file, adding the following directives: # Denyaccesstoeveryone. ALL: & nbspALL @ ALL all services on all the external host prohibited, unless authorized by the hosts.allow file specified in the permit. In the hosts.allow file, to allow access to the host as follows: the hosts.allow file, adding the following directives: # Justanexample: http: 192.168.1.8yanghao.com mean allowed IP addresses and host names for 192.168.18 yanghao.com machine as client to access the http service. Using WindowsXP and other core "NT" system user should be more attention to security issues when using XP, it is best to open the firewall (for sale in the new Microsoft WindowsXP firewall will also be set to on by default). Any system user should have some knowledge of security, such as: does not reveal its own network and system information; do not execute programs from unknown sources. Secure system environment to build themselves.
No comments:
Post a Comment