Monday, December 7, 2009

Linux Security


----->   Enable Authentication for Single-User Mode

Single-User Mode is used for a system recovery. However, by default, no authentication is used if single-user mode is selected. This can be used to bypassing security on the server and gaining root access. To enable authentication for single-user mode, open the /etc/inittab, file:

 
# vi /etc/inittab

Add the following line to the file:


~~:S:wait:/sbin/sulogin

 

-----> Disable Interactive Hotkey Startup at Boot

A few Linux distribution like Fedora, CentOS or RHEL allows the console user to perform an interactive system startup by pressing [I] key. Using interactive boot, attacker can disable the firewall and other system services. Open /etc/sysconfig/init file:

# vi /etc/sysconfig/init

Modify the setting as follows:

PROMPT=no

-----> Setup Time-out for Login Shells

 Go into the user's home director:

# vi .bash_profile

TMOUT=300
readonly TMOUT
export TMOUT
 
In case of dealing with SSH, we need to define/enter the following:
 
To set an idle timeout interval, after this interval has passed, the idle user will be automatically logged out. Open /etc/ssh/sshd_config file, enter:

vi /etc/ssh/sshd_config

Find ClientAliveInterval and set to 300 (5 minutes) as follows:

ClientAliveInterval 300
ClientAliveCountMax 0

Save and close the file. Restart sshd:
# service sshd restart

No comments:

Post a Comment