In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
This article mainly introduces "how to strengthen the security of the Suse Linux operating system". In the daily operation, I believe many people have doubts about how to strengthen the security of the Suse Linux operating system. The editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful to answer the doubts about "how to strengthen the security of the Suse Linux operating system". Next, please follow the editor to study!
This article introduces you to Suse Linux, many people may not understand Suse Linux, it does not matter, you must have a lot of gains after reading this article. The following is a detailed explanation of the problems encountered. After the installation of the Suse Linux operating system is completed, security scanning is needed to shut down the unused ports and strengthen the security of the operating system. Here are the steps:
The system starts the service by default:
Shelly:/etc/init.d # nmap-P0 127.0.0.1
Starting Nmap 4.00 ([url] http://www.insecure.org/nmap/[/url]) at 2007-06-25 15:34 CST
Interesting ports on localhost (127.0.0.1):
(The 1666 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
427/tcp open svrloc
631/tcp open ipp
Nmap finished: 1 IP address (1 host up) scanned in 0.244 seconds
Shelly:/etc/init.d #
Second, the method of temporarily shutting down the service:
1. View the relationship between service and port:
For example, check the associated process of ipp service: # lsof | grep ipp
2. Confirm the relationship between service and port:
Serial Port Service path / etc/init.d status
1) 22ssh sshd retention
2) 25smtppostfix is off
3) 111rpcportmap is off
4) 427svrlocslpd is off
5) 631ippcupsd is off
3. Manual shutdown method:
Stop smtp:/etc/init.d/postfix stop
Stop rpc:/etc/init.d/portmap stop
Stop svrloc:/etc/init.d/slpd stop
Stop ipp:/etc/init.d/cupsd stop
3. Permanent shutdown method:
After the manual shutdown, each time the system starts, the service will start itself, which needs to be permanently disabled from the startup configuration file:
Use the chkconfig-l command to view the auto-loading services of the current system: (intercept only some of the relevant services)
Shelly:/etc/init.d # chkconfig-l | grep on
Cron 0:off 1:off 2:on 3:on 4:off 5:on 6:off
Cups 0:off 1:off 2:on 3:on 4:off 5:on 6:off
Nfs 0:off 1:off 2:off 3:on 4:off 5:on 6:off
Nfsboot 0:off 1:off 2:off 3:on 4:off 5:on 6:off
Novell-zmd0:off 1:off 2:off 3:on 4:on 5:on 6:off
Nscd 0:off 1:off 2:off 3:on 4:off 5:on 6:off
Portmap 0:off 1:off 2:off 3:on 4:off 5:on 6:off
Postfix 0:off 1:off 2:off 3:on 4:off 5:on 6:off
Powersaved0:off 1:off 2:on 3:on 4:off 5:on 6:off
Random 0:off 1:off 2:on 3:on 4:off 5:on 6:off
Resmgr 0:off 1:off 2:on 3:on 4:off 5:on 6:off
Slpd 0:off 1:off 2:off 3:on 4:off 5:on 6:off
Shelly:/etc/init.d #
Turn off method:
Shelly:/etc/init.d # chkconfig-s cups off
Shelly:/etc/init.d # chkconfig-s nfs off
Shelly:/etc/init.d # chkconfig-s nfsboot off
Shelly:/etc/init.d # chkconfig-s portmap off
Shelly:/etc/init.d # shelly:/etc/init.d # chkconfig-s postfix off
Shelly:/etc/init.d # chkconfig-s slpd off
Note: permanently shutting down portmap is associated with nfs. You must first shut down the nfs and nfsboot processes, otherwise there will be an error as follows.
Shelly:/etc/init.d # chkconfig-s portmap off
Insserv: Service portmap has to be enabled for service nfs
Insserv: Service portmap has to be enabled for service nfsboot
Insserv: exiting now!
/ sbin/insserv failed, exit code 1
Stop order is supported:
Shelly:/etc/init.d # chkconfig-s nfs off
Shelly:/etc/init.d # chkconfig-s nfsboot off
Shelly:/etc/init.d # chkconfig-s portmap off
Shelly:/etc/init.d #
4. Scanning system:
Restart the system and scan the system port
Shelly:/etc/init.d # nmap-P0 127.0.0.1
Starting Nmap 4.00 ([url] http://www.insecure.org/nmap/[/url]) at 2007-06-25 16:16 CST
Interesting ports on localhost (127.0.0.1):
(The 1670 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
Nmap finished: 1 IP address (1 host up) scanned in 0.213 seconds
Shelly:/etc/init.d #
At this point, the study on "how to strengthen the security of the Suse Linux operating system" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.