Shulou(Shulou.com)06/01 Report--

This article mainly explains "what is the security of linux server". The content of the explanation is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "what is the security of linux server".

 uses single-user mode to enter the system

Boot: when prompted after  Linux starts, use a special command, such as linuxsingle or linux 1, to enter single-user mode (Single-User mode). This command is very useful, such as forgetting the superuser (root) password. Restart the system and type linux single (or linux 1) at the boot: prompt. After the super user enters the system, edit the Passwd file and remove the x from the root line.

Countermeasures against :

 enters the system as superuser (root), edits the / etc/inittab file, changes the settings of id:3:initdefault, and adds an additional line (as follows) to prompt for the superuser password when the system is rebooted into single-user mode:

 ~: S:walt:/sbin/sulogin

 then executes the command: / sbin/init Q to make this setting work.

 passes hazard parameters to the core when the system starts up

The most commonly used boot loader tool for  under Linux is LILO, which is responsible for managing the boot system (which can be added to other partitions and operating systems). But some illegal users may start Linux casually or pass dangerous parameters to the core when the system starts, which is also quite dangerous.

Countermeasures against :

 edits the file / etc/lilo.conf and adds the restricted parameter, which must be used with the following password parameter, indicating that you need to enter a password when passing some parameters to the Linux kernel at the boot: prompt.

The  password parameter can be used with restricted or alone, as described below.

 is used with restricted: it is important to note that a password is required only when you need to pass to kernel parameters at startup, while in normal (default) mode, you do not need a password.

 is used alone (not with restricted): it means that Linux always requires a password no matter what startup mode is used; if there is no password, there is no way to start Linux, in which case it is more secure, which is equivalent to adding another layer of defense to the perimeter. There are disadvantages, of course-you can't restart the system remotely unless you add the restricted parameter.

 because the password is not encrypted in plaintext, the / etc/lilo.conf file must be set to be readable only to the superuser, and can be set using the following command:

 chmod 600 / ietc/lilo.conf

 then executes the command: / sbin/lilo-V, writes it to boot sector, and makes the change take effect.

 to enhance the security of the / etc/liIo.conf file, you can also set the file to an immutable attribute, using the command:

 chattr + i/etc/lilo.conf

 if you want to modify the / etc/liIo.conf file later, use the chattr-i/etc/lilo.conf command to remove this attribute.

 restarts using the "Ctrl+Alt+Del" key combination

 is very important and easy to ignore. If an illegal user has access to the server's keyboard, he can use the key combination "Ctrl+AIt+Del" to restart your server.

Countermeasures against :

 edit the / etc/inittab file and comment ca::ctrlaltdel:/sbin/shutdown-t3-r now with # ca::ctrlaltdeI:/sbin/shutdown-t3-r now.

 then executes the command: / sbin/init Q to make the change take effect.

Thank you for reading, the above is the content of "what is the security of the linux server". After the study of this article, I believe you have a deeper understanding of the security of the linux server, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.