When a potential hacker attacks your Linux server, the first thing he attempts is a buffer overflow.
Author: yunyankong. Source: Microsoft technical communities. Published: 2007.01.15

In the past few years, buffer overflows have been the most common type of vulnerability. More seriously, buffer overflow vulnerabilities account for the vast majority of remote network attacks, and they can easily give an anonymous Internet user partial or full control of a host! To prevent such attacks, there are several things to be aware of when installing the system.

If you use the root partition to record data such as log files and email, a large volume of logs or spam can fill it, producing a denial of service and causing the system to crash. It is recommended to create a separate /var partition for storing logs and mail, so that the root partition cannot be overrun. It is best to give particular applications their own partition, especially programs that can produce excessive logs. A separate /home partition is also recommended, so that users cannot fill the / partition. This avoids some malicious attacks that work by overflowing Linux partitions.

About BIOS

Remember to set a BIOS password and to disable booting from floppy disk. This prevents malicious individuals from starting your Linux system with a special boot disk, and stops other people from changing BIOS settings, such as changing the floppy boot setting or making the server start directly without the password prompt.
About password

The password is the system's primary means of authenticating a user. The default minimum password length at installation is 5, but to make sure passwords are not easily guessed you can increase the minimum length to at least 8. To do this, modify the PASS_MIN_LEN parameter (password minimum length) in the file /etc/login.defs. You should also limit how long a password can be used and ensure passwords are replaced regularly; it is recommended that you modify the PASS_MIN_DAYS parameter (password use time).

About Ping

If nobody can ping your machine and receive a response, you can greatly enhance the security of your site. Add the following line to /etc/rc.d/rc.local so that it runs automatically at every startup and stops your system from responding to any external or internal ping request:

    echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

On Telnet

If you want users who log in to your server remotely with Telnet not to be shown the operating system and version information (which helps you avoid targeted exploits), change the line in /etc/inetd.conf to the following:

    telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd -h

The -h flag added at the end makes the telnet daemon not display system information, but merely show the login prompt.

About privilege account

Disable all accounts that the operating system starts by default and does not itself require. Do this check when you first install the system. Linux offers a variety of accounts that you may not need; if you do not need an account, remove it. The more accounts you have, the more vulnerable you are to attack.
To delete a user on your system, use the following command:

    userdel username

To delete a group account on your system, use the following command:

    groupdel username

Enter the following commands in a terminal to delete these privileged accounts:

    userdel adm
    userdel lp
    userdel sync
    userdel shutdown
    userdel halt
    userdel mail

If you don't have a sendmail server, delete these accounts:

    userdel news
    userdel uucp
    userdel operator
    userdel games

If you don't use an X Window server, delete this account:

    userdel gopher

If you do not allow anonymous FTP, delete the user account:
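
The settings recommended in this article can be verified without changing anything on the server. The script below is an added example, not part of the original article: its function names and the choice to pass each file as an argument are assumptions of the example, and the account list uses the standard names halt and gopher.

```shell
#!/bin/sh
# Added example: read-only audit of the settings this page recommends.
# Every check takes the file to inspect as an argument (an assumption of this
# sketch) so it can be run against copies as well as the live system.

# Print the PASS_MIN_LEN value from a login.defs-style file (nothing if unset).
pass_min_len() {
    awk '$1 == "PASS_MIN_LEN" { v = $2 } END { if (v != "") print v }' "$1"
}

# Succeed only if PASS_MIN_LEN is numeric and at least 8.
check_pass_min_len() {
    len=$(pass_min_len "$1")
    case $len in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -ge 8 ]
}

# Succeed only if the icmp_echo_ignore_all file contains 1.
check_icmp_ignored() {
    [ "$(cat "$1" 2>/dev/null)" = "1" ]
}

# Print the default accounts from the page's list still present in a passwd file.
leftover_accounts() {
    for acct in adm lp sync shutdown halt mail news uucp operator games gopher; do
        grep -q "^$acct:" "$1" && printf '%s\n' "$acct"
    done
    return 0
}

# Succeed only if mount point $2 appears in the /proc/mounts-style file $1.
is_separate_mount() {
    awk -v m="$2" '$2 == m { found = 1 } END { exit !found }' "$1"
}

# usage: audit LOGIN_DEFS ICMP_FILE PASSWD MOUNTS  (prints one line per finding)
audit() {
    check_pass_min_len "$1" || echo "PASS_MIN_LEN is unset or below 8 in $1"
    check_icmp_ignored "$2" || echo "ping replies are enabled ($2 is not 1)"
    for a in $(leftover_accounts "$3"); do echo "default account present: $a"; done
    for m in /var /home; do
        is_separate_mount "$4" "$m" || echo "$m is not a separate partition"
    done
}

# Audit the live system only when called as: sh audit.sh live
if [ "${1:-}" = "live" ]; then
    audit /etc/login.defs /proc/sys/net/ipv4/icmp_echo_ignore_all /etc/passwd /proc/mounts
fi
```

An empty result from audit means every check passed; each printed line names one setting that still differs from the article's recommendation.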