LinuxSecurity.com 		Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: May 20th, 2013
Linux Advisory Watch: May 17th, 2013
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Foresight
Default umask  21 August 2006 
Security Tips The default umask (usermask) on most systems should be 022 to ensure that files are created with the permissions 0644 (-rw-r--r--). To change the default umask setting for a system, edit /etc/profile to ensure that you umask is appropriate for your setup.
 
UsePrivilegeSeparation and StrictModes  21 August 2006 
Security Tips Two SSH configuration options that can be set to improve security should be checked on your production server. UsePrivilegeSeparation is an option, when enabled will allow the OpenSSH server to run a small (necessary) amount of code as root and the of the code in a chroot jail environment. StrictModes checks to ensure that your ssh files and directories have the proper permissions and ownerships before allowing an SSH session to open up. The directives should be set in the /etc/ssh/sshd_config as follows:
UsePrivilegeSeparation yes
StrcitModes yes

 
Avoid Accidental Reboot  21 August 2006 
Security Tips On a production server that is in a common area (although this should not be the case, some situations are inevidable). To avoid an accidental CTRL-ALT-DEL reboot of the machine, do the following to remove the necessary lines from the /etc/inittab file:
# sed -i 's/ca::ctrlaltdel:/#ca::ctrlaltdel:/g' /etc/inittab

 
Nmap  21 August 2006 
Security Tips Make use of security tools out there to test your server's weaknesses. Nmap is an excellent port scanning tool to test to see what ports you have open. On a remote machine, type the command:
# nmap -sTU

Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2006-08-10 13:51 EST
Interesting ports on eric (172.16.0.1):
(The 3131 ports scanned but not shown below are in state: closed)

   PORT    STATE         SERVICE
   22/tcp  open          ssh
   113/tcp open          auth
Nmap run completed -- 1 IP address (1 host up) scanned in 221.669 seconds

 
Skill  21 August 2006 
Security Tips Users who may be acting up or aren't listening can still be controlled. Using a program called 'skill' (signal kill) which is part of the 'procps' package.
Halt/Stop User eric: skill -STOP -u eric
Continue User eric: skill -CONT -u eric
Kill and Logout User eric: skill -KILL -u eric
Kill and Logout All Users: skill -KILL -v /dev/pts/*
 
<< Start < Prev 4 Next > End >>

Results 28 - 32 of 32
    
Partner

 
Latest Features
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Using the sec-wall Security Proxy
Yesterday's Edition
Samsung Galaxy S4 already hacked
WikiLeaks Donations Down to a Trickle
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2013 Guardian Digital, Inc. All rights reserved.