Tuesday, January 10, 2012

In-depth security hardening of Linux systems (2)

4. File system permissions

Find every program on the system that has the "s" bit set, then remove the "s" bit from those that do not need it, or simply delete those that are never used. This keeps users from abusing them and reduces the possibility of privilege escalation. The commands are as follows:

Add the immutable attribute to important files:

Apply this depending on your needs. Some exploits, after an overflow, write a line to inetd.conf that binds a shell to a listening port. In that case this command does its job, and an inexperienced intruder will conclude that the overflow did not succeed.

Find files on the system that have no owner:

Find files and directories that anyone has write permission to:

This prevents intruders from writing Trojan statements into them (such as a copy of a shell) or inheriting the owner's permissions to gain unauthorized access.

Find and harden the files that intruders have traditionally been able to make use of, such as .rhosts.

FTP upload directories must not be given execute permission. If you provide web hosting services that can run CGI, additional security configuration is needed.

Edit /etc/security/limits.conf and add or change the following lines:

5. Banner camouflage

Intruders usually choose their attack according to the operating system, service, and application versions, and vulnerability lists and attack ranges are classified the same way, so we should disguise this information to make intrusion harder.

Because /etc/issue is reloaded after a reboot, make the change by editing /etc/rc.d/rc.local:

In Apache's configuration file, locate the ServerTokens and ServerSignature directives and change both from their default values as follows, so that the version is not echoed:

Also modify the uname program. Search the source code and locate the following in uname.c:

Modify it to:

For other services and programs, look at their configuration files or source code to make similar changes. Do not change too much, or it will cause big trouble for system management.

Sit back and relax?
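The searches described in section 4 (programs with the "s" bit, files without an owner, world-writable files and directories, .rhosts files), written as a read-only audit. This is an added example, not the commands from the original post; the function names, category labels and the constructed sample tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: read-only permission audit for the checks in section 4.
# Output: one "CATEGORY<TAB>path" line per finding; nothing is modified.

tag() {  # label every path read from stdin with category $1
    while IFS= read -r p; do printf '%s\t%s\n' "$1" "$p"; done
}

audit_tree() {
    root=${1:-/}
    # Programs carrying the setuid or setgid "s" bit.
    find "$root" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null | tag SUID_SGID
    # Files whose owning uid or gid no longer maps to an account.
    find "$root" -xdev \( -nouser -o -nogroup \) 2>/dev/null | tag UNOWNED
    # Files that any user may write to.
    find "$root" -xdev -type f -perm -0002 2>/dev/null | tag WORLD_WRITABLE_FILE
    # World-writable directories lacking the sticky bit (unlike /tmp).
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null | tag WORLD_WRITABLE_DIR
    # rsh-style trust files.
    find "$root" -xdev -type f -name .rhosts 2>/dev/null | tag RHOSTS
    return 0
}

count_findings() {  # usage: count_findings CATEGORY ROOT
    audit_tree "$2" | awk -F '\t' -v c="$1" '$1 == c { n++ } END { print n + 0 }'
}

make_sample_tree() {  # constructed fixture for trying the audit safely
    d=$(mktemp -d) || return 1
    mkdir "$d/bin" "$d/home" "$d/upload" "$d/spool"
    chmod 0755 "$d/bin" "$d/home"
    : > "$d/bin/helper";   chmod 4755 "$d/bin/helper"    # setuid
    : > "$d/bin/plain";    chmod 0755 "$d/bin/plain"
    : > "$d/home/.rhosts"; chmod 0600 "$d/home/.rhosts"
    : > "$d/home/notes";   chmod 0666 "$d/home/notes"    # world-writable
    chmod 0777 "$d/upload"                                # no sticky bit
    chmod 1777 "$d/spool"                                 # sticky, like /tmp
    printf '%s\n' "$d"
}

# Scan a real tree only when asked: AUDIT_ROOT=/ sh audit.sh
if [ -n "${AUDIT_ROOT:-}" ]; then audit_tree "$AUDIT_ROOT"; fi
```

Review each SUID_SGID and world-writable finding against what the host actually needs before changing any mode; `-xdev` keeps the scan on one filesystem, so run it once per mounted filesystem.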
