How to set up security in linux system

1. Download and install security software

2. Cancel Telnet login, use SSH and change the configuration of ssh server remote login

(1 ) The Telnet login protocol is unencrypted in plain text and is insecure, so the more secure SSH protocol is used.

(2) Change the configuration related to remote login of the ssh server.

修改默认文件路径
vim /etc/ssh/sshd_config

修改的参数
port       #端口
PermitEmptyPasswords      #是否允许密码为空的用户远程登录
PermitRootLogin           #是否允许root登录
UseDNS                    #指定sshd是否应该对远程主机名进行反向解析，以检查主机名是否与其IP地址真实对应。默认yes.建议改成no ，否则可能会导致SSH连接很慢。
GSSAPIAuthentication no   #解决linux之间使用SSH远程连接慢的问题
ListenAddress             #监听指定的IP地址

批量操作：
sed -ir '13 iPort 55666\nPermitRootLogin  no\nPermitEmptyPasswords  no\nUseDNS no\nGSSAPIAuthentication no'  /etc/ssh/sshd_config

Recommended tutorial: linux tutorial

3. User management related

(1) Delete unnecessary users and user groups.

(2) User password management

4. Check the system log

Your system log tells you what activities occurred on the system, including whether the attacker successfully entered or Try to access the system. Always be vigilant, this is your first line of defense, and regular monitoring of system logs is to guard this line of defense.

5. Turn off selinux

SELinux is a kernel mandatory access control security system. It is not recommended to turn it on if you don’t understand its principles.

6. Apply kernel patches

No system is bug-free and absolutely safe. Linux is also the same. Apply more kernel patches to enhance the security of the kernel.

7. Shut down unnecessary services for the system

Some systems are equipped with many unnecessary services. These unnecessary services sometimes start running. On the one hand, they occupy system resources, and on the other hand, they take up system resources. On the one hand, it can easily cause security risks and you can choose to turn it off.

8. Disable dangerous commands

rm -rf

dd if=/dev/random of=/dev/sda

The dd command will erase the contents under /dev/sda and then write random garbage data, causing data pollution.

Recommended related video tutorials: linux video tutorial

The above is the detailed content of How to set up security in linux system. For more information, please follow other related articles on the PHP Chinese website!