LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 21st, 2014
Linux Security Week: April 7th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Foresight
Using sudo to replace su  22 August 2006 
Security Tips Use sudo to execute commands as root as a replacement for su. In the /etc/sudoers file, add the following lines by using the visudo command:
Cmnd_Alias LPCMDS = /usr/sbin/lpc, /usr/bin/lprm
eric ALL=LPCMDS
Now the user 'eric' can sudo and use the lpc and lprm commands without having any other root level access.

 
Quick sudo to root  22 August 2006 
Security Tips Users who have sudoer (sudo) accounts setup can have the account setup to change to root without a password. To check this, as root use the following command:
grep NOPASSWD /etc/sudoers
If there is an entry in the sudoers file, it will look like this:
eric ALL=NOPASSWD:ALL
To get rid of this, type visudo and remove the line in that file.

 
Password protection with LILO  22 August 2006 
Security Tips Password protect your linux install with LILO. Edit your /etc/lilo.conf.
At the end of each linux image that you want to secure, put the lines:
read-only
restricted
password = MySecurePassword
Ensure you rereun /sbin/lilo so the changes take effect.

 
Chattr  22 August 2006 
Security Tips There are files that get changed very infrequently. For instance, if your system won't have any users added anytime soon then it may be sensible to chattr immutably the /etc/password and /etc/shadow files. Only the superuser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.
chattr +i /etc/passwd /etc/shadow

 
Disallow ICMP  22 August 2006 
Security Tips Some attackers, prior to attacking a host, (or users nmaping a host) will check to see if the host is alive. They do this by 'ping'ing the host. In order to check if the host is up, they will use an ICMP echo request packet.
To disallow these types of packets, use iptables:
iptables -A INPUT -p icmp --icmp-type echo-request -j DROP

 
<< Start < Prev 1 2 3 Next > End >>

Results 19 - 27 of 32
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Fixing OpenSSL's Heartbleed flaw will take MONTHS, warns Secunia
Even the most secure cloud storage may not be so secure, study finds
Targeted Attack Uses Heartbleed to Hijack VPN Sessions
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.