centos5简单安全配置
还是把这篇文章整回来,不然有时候自己要找都不方便,其他的安全配置就看你们自己的需求了.
设置服务
默认很多服务都是不需要的,服务越少越安全.
service acpid stop ; chkconfig acpid off
service apmd stop ; chkconfig apmd off
service atd stop ; chkconfig atd off
service auditd stop ; chkconfig auditd off
service autofs stop ; chkconfig autofs off
service avahi-daemon stop ; chkconfig avahi-daemon off
service bluetooth stop ; chkconfig bluetooth off
service cpuspeed stop ; chkconfig cpuspeed off
service cups stop ; chkconfig cups off
service firstboot stop ; chkconfig firstboot off
service gpm stop ; chkconfig gpm off
service haldaemon stop ; chkconfig haldaemon off
service hidd stop ; chkconfig hidd off
service hplip stop ; chkconfig hplip off
service ip6tables stop ; chkconfig ip6tables off
service isdn stop ; chkconfig isdn off
service lm_sensors stop ; chkconfig lm_sensors off
service mcstrans stop ; chkconfig mcstrans off
service messagebus stop ; chkconfig messagebus off
service netfs stop ; chkconfig netfs off
service nfslock stop ; chkconfig nfslock off
service pcscd stop ; chkconfig pcscd off
service portmap stop ; chkconfig portmap off
service restorecond stop ; chkconfig restorecond off
service rpcgssd stop ; chkconfig rpcgssd off
service rpcidmapd stop ; chkconfig rpcidmapd off
service yum-updatesd stop ; chkconfig yum-updatesd off
service smartd stop ; chkconfig smartd off
设置网卡
vi /etc/sysconfig/network-scripts/ifcfg-eth0
service network restart
修改DNS,用opendns,当然也可以用机房提供的.
vi /etc/resolv.conf
nameserver 208.67.222.222
nameserver 208.67.220.220
修改SSH端口并进行配置,也是安全起见
vi /etc/ssh/sshd_config
Port 8021
UseDNS no
X11Forwarding no
service sshd restart
更新常用编译工具包
yum -y install glibc* cpp gcc* openssl* make
yum -y update
更改主机名
vi /etc/sysconfig/network
HOSTNAME=yourhostname
修改默认语言
vi /etc/sysconfig/i18n
改成LANG=”en_US.UTF-8″
然后
source /etc/sysconfig/i18n
ade
rocdk890
西门堵车
朱祁镇
r1p
milton010
北岛
SB-AAAAAA
评论: