¥e¬P¥Í¬¡¤j®v¢w¬P°Q½×°Ï
¥e¬P¥Í¬¡¤j®v¢w¬P°Q½×°Ï
­º­¶ | ­Ó¤H¸ê®Æ | ³Ì·s¤å³¹ | ¥DÃD²Î­p | ·|­û | ·j´M | FAQ | ŠéÊ^¤¤¤å
 ©Ò¦³°Q½×°Ï
 ¥Í¬¡¡B¥ð¾Í
 ¦n¥Î¸ê°T
 [Âà¸ü] Linux ºôµ¸¦w¥þ§Þ¥©

ª`·N: ¥²¶·¥ýµù¥U¤~¥i¥Hµoªí¤å³¹

°Ï°ì:
¨Ï¥ÎªÌ¦WºÙ:
±K½X:
¼Ò¦¡:
®æ¦¡: ²ÊÅé±×Å驳½u¹º½u ¥ª¹ï»ô¤¤¹ï»ô¥k¹ï»ô ¤ô¥­½u ¥[¤J³sµ²¥[¤JEmail³sµ²l¥[¤J¹Ï¤ù ¥[¤J­ì¤å¥[¤J¤Þ¨¥¥[¤J¶µ¥Ø²Å¸¹
   
¤º¤å:

* HTML»yªkÃö³¬
* ½×¾Â¥N½X»yªk¶}±Ò
Smilies
Smile [:)] Big Smile [:D] Cool [8D] Blush [:I]
Tongue [:P] Evil [):] Wink [;)] Clown [:o)]
Black Eye [B)] Eight Ball [8] Frown [:(] Shy [8)]
Shocked [:0] Angry [:(!] Dead [xx(] Sleepy [|)]
Kisses [:X] Approve [^] Disapprove [V] Question [?]

 
   

¥DÃD¦^ÅU
peakhour µoªí©ó - 11/30/2001 : 12:24:54 AM
[Âà¸ü] Linux ºôµ¸¦w¥þ§Þ¥©
§@ªÌ·|­û¦W¡Rwangsb¡@¡@Email:wangshoub@yeah.net


¡@¡@ºôµ¸¦w¥þ¬O¤@­Ó«D±`­«­nªº½ÒÃD,°ò¥»¤W§A¹B¦æªºªA°È«á¥x¶V¦h,§A´N¥i¯à¥´¶}§ó¦hªº¦w¥þº|¬}.
¦pªG°t¸mªº«ê·íªº¸Ü,Linux¥»¨­¬O«D±`¦w¥þ¥i¾aªº,°²¨Ï¦bLinux¨t²Î¤¤¦³¬Y­Ó¦w¥þ¯Ê³´,
¥Ñ©óLinuxªº·½½X¬O¶}©ñªº¡A¦³¦¨¤d¤W¸Uªº»xÄ@ªÌ·|¥ß¨èµo²{¨Ã­×¸É¥¦¡C
¥»¤å¦®¦b¤¶²Ð¥Î¨Ó¼W±j§Aªººôµ¸¦w¥þ©Êªº±`¥Î§Þ¥©,¥HRedhat Linux§@¬°¾Þ§@Àô¹Ò¡C

1.¾Þ§@¨t²Î¤º³¡ªºlog file¬OÀË´ú¬O§_¦³ºôµ¸¤J«Iªº­«­n½u¯Á¡A
·íµM³o­Ó°²©w§Aªºlogfile¤£³Q«I¤JªÌ©Ò¯}Ãa¡A¦pªG§A¦³¥xªA°È¾¹¥Î±M½uª½±µ³s¨ìInternet¤W¡A
³o·N¨ýµÛ§AªºIP¦a§}¬O¥Ã¤[©T©wªº¦a§}¡A§A·|µo²{¦³«Ü¦h¤H¹ï§Aªº¨t²Î°µtelnet/ftpµn¿ý¹Á¸Õ¡A
¸ÕµÛ¹B¦æ#more /var/log/secure | grep refused ¥hÀˬd¡C

2. ­­»s¨ã¦³SUIDÅv­­¼Ð»xªºµ{§Ç¼Æ¶q¡A¨ã¦³¸ÓÅv­­¼Ð»xªºµ{§Ç¥Hroot¨­¥÷¹B¦æ¡A¬O¤@­Ó¼ç¦bªº¦w¥þº|¬}¡A
·íµM¡A¦³¨Çµ{§Ç¬O¥²¶·­n¨ã¦³¸Ó¼Ð»xªº¡A¶Hpasswdµ{§Ç¡C

3.BIOS¦w¥þ¡C³]¸mBIOS±K½X¥B­×§ï¤Þ¾É¦¸§Ç¸T¤î±q³n½L±Ò°Ê¨t²Î¡C

4. ¥Î¤á¤f¥O¡C¥Î¤á¤f¥O¬OLinux¦w¥þªº¤@­Ó³Ì°ò¥»ªº°_ÂI¡A«Ü¦h¤H¨Ï¥Îªº¥Î¤á¤f¥O´N¬O²³æªº¡¥password¡A
³oµ¥©óµ¹«I¤JªÌ´¯¶}¤F¤jªù¡AÁöµM±q²z½×¤W»¡¨S¦³¤£¯à½T¸Ñªº¥Î¤á¤f¥O¡A¥u­n¦³¨¬°÷ªº®É¶¡©M¸ê·½¥i¥H§Q¥Î¡C
¤ñ¸û¦nªº¥Î¤á¤f¥O¬O¨º¨Ç¥u¦³¥L¦Û¤v¯à°÷®e©ö°O±o¨Ã²z¸Ñªº¤@¦ê¦r²Å¡A¨Ã¥Bµ´¹ï¤£­n¦b¥ô¦ó¦a¤è¼g¥X¨Ó¡C

5./etc/exports ¤å¥ó¡C¦pªG§A¨Ï¥ÎNFSºôµ¸¤å¥ó¨t²ÎªA°È¡A¨º»ò½T«O§Aªº/etc/exports
¨ã¦³³ÌÄY®æªº¦s¨úÅv­­³]¸m¡A³o·N¨ýµÛ¤£­n¨Ï¥Î¥ô¦ó³q°t²Å¡A¤£¤¹³\root¼gÅv­­¡Amount¦¨¥uŪ¤å¥ó¨t²Î¡C
½s¿è¤å¥ó/etc/exports¨Ã¥B¥[¡R¨Ò¦p¡R
¡@¡@/dir/to/export host1.mydomain.com(ro,root_squash)
¡@¡@/dir/to/export host2.mydomain.com(ro,root_squash)
¡@¡@/dir/to/export ¬O§A·Q¿é¥Xªº¥Ø¿ý¡Ahost.mydomain.com¬Oµn¿ý³o­Ó¥Ø¿ýªº¾÷¾¹¦W¡A
ro·N¨ýµÛmount¦¨¥uŪ¨t²Î¡Aroot_squash¸T¤îroot¼g¤J¸Ó¥Ø¿ý¡C
¡@¡@¬°¤FÅý¤W­±ªº§ïÅܥͮġA¹B¦æ/usr/sbin/exportfs -a

6.½T«H/etc/inetd.confªº©Ò¦³ªÌ¬Oroot¡A¥B¤å¥óÅv­­³]¸m¬°600 ¡C
[root@deep]# chmod 600 /etc/inetd.conf
ENSURE that the owner is root.
[root@deep]# stat /etc/inetd.conf
File: "/etc/inetd.conf"
Size: 2869 Filetype: Regular File
Mode: (0600/-rw-------) Uid: ( 0/ root) Gid: ( 0/ root)
Device: 8,6 Inode: 18219 Links: 1
Access: Wed Sep 22 16:24:16 1999(00000.00:10:44)
Modify: Mon Sep 20 10:22:44 1999(00002.06:12:16)
Change:Mon Sep 20 10:22:44 1999(00002.06:12:16)
½s¿è/etc/inetd.conf¸T¤î¥H¤UªA°È¡R
ftp, telnet, shell, login, exec, talk, ntalk, imap, pop-2, pop-3, finger, auth, etc.
°£«D§A¯uªº·Q¥Î¥¦¡C¯S§O¬O¸T¤î¨º¨Çr©R¥O.¦pªG§A¥Îssh/scp¡A¨º»ò§A¤]¥i¥H¸T¤î±¼telnet/ftp¡C
¬°¤F¨Ï§ïÅܥͮġA¹B¦æ#killall -HUP inetd §A¤]¥i¥H¹B¦æ#chattr +i /etc/inetd.conf¨Ï¸Ó¤å¥ó¨ã¦³
¤£¥i§ó§ïÄÝ©Ê¡C¥u¦³root ¤~¯à¸Ñ¶}¡A¥Î©R¥O #chattr -i /etc/inetd.conf

7. TCP_WRAPPERS
Àq»{¦a¡ARedhat Linux¤¹³\©Ò¦³ªº½Ð¨D,¥ÎTCP_WRAPPERS¼W±j§Aªº¯¸ÂIªº¦w¥þ©Ê¬OÁ|¤â¤§³Ò¡A§A¥i¥H©ñ¤J
¡§ALL: ALL¡¨¨ì/etc/hosts.deny¤¤¸T¤î©Ò¦³ªº½Ð¨D¡AµM«á©ñ¨º¨Ç©ú½T¤¹³\ªº½Ð¨D¨ì/etc/hosts.allow¤¤¡A
¦p: sshd: 192.168.1.10/255.255.255.0 gate.openarch.com
¹ïIP¦a§}192.168.1.10©M¥D¾÷¦Wgate.openarch.com¡A¤¹³\³q¹Lssh³s±µ¡C°t¸m§¹¤F¤§«á¡A¥ÎtcpdchkÀˬd
[root@deep]# tcpdchk
tcpchk¬OTCP_Wrapper°t¸mÀˬd¤u¨ã¡A¥¦Àˬd§Aªºtcp wrapper°t¸m¨Ã³ø§i©Ò¦³µo²{ªº¼ç¦b/¦s¦bªº°ÝÃD¡C

8. §O¦W¤å¥óaliases
½s¿è§O¦W¤å¥ó/etc/aliases¡]¤]¥i¯à¬O/etc/mail/aliases)¡A²¾¨«/ª`ÄÀ±¼¤U­±ªº¦æ¡C
# Basic system aliases -- these MUST be present.
MAILER-DAEMON: postmaster
postmaster: root
# General redirections for pseudo accounts.
bin: root
daemon: root
#games: root ?remove or comment out.
#ingres: root ?remove or comment out.
nobody: root
#system: root ?remove or comment out.
#toor: root ?remove or comment out.
#uucp: root ?remove or comment out.
# Well-known aliases.
#manager: root ?remove or comment out.
#dumper: root ?remove or comment out.
#operator: root ?remove or comment out.
# trap decode to catch security attacks
#decode: root
# Person who should get roots mail
#root: marc
³Ì«á§ó·s«á¤£­n§Ñ°O¹B¦æ/usr/bin/newaliases¡A¨Ï§ïÅܥͮġC

9.ªý¤î§Aªº¨t²ÎÅTÀ³¥ô¦ó±q¥~³¡/¤º³¡¨Óªºping½Ð¨D¡C
¬JµM¨S¦³¤H¯àping³q§Aªº¾÷¾¹¨Ã¦¬¨ìÅTÀ³¡A§A¥i¥H¤j¤j¼W±j§Aªº¯¸ÂIªº¦w¥þ©Ê¡C
§A¥i¥H¥[¤U­±ªº¤@¦æ©R¥O¨ì/etc/rc.d/rc.local¡A¥H¨Ï¨C¦¸±Ò°Ê«á¦Û°Ê¹B¦æ¡C
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

10. ¤£­nÅã¥Ü¥X¾Þ§@¨t²Î©Mª©¥»«H®§¡C
¦pªG§A§Æ±æ¬Y­Ó¤H»·µ{µn¿ý¨ì§AªºªA°È¾¹®É¤£­nÅã¥Ü¾Þ§@¨t²Î©Mª©¥»«H®§¡A§A¯à§ïÅÜ
/etc/inetd.conf¤¤ªº¤@¦æ¶H¤U­±³o¼Ë¡R
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd -h
¥[-h¼Ð»x¦b³Ì«á¨Ï±otelnet«á¥x¤£­nÅã¥Ü¨t²Î«H®§¡A¦Ó¶È¶ÈÅã¥Ülogin:

11.The /etc/host.conf file
½s¿èhost.conf¤å¥ó(vi /etc/host.conf)¥B¥[¤U­±ªº¦æ¡R
# Lookup names via DNS first then fall back to /etc/hosts.
order bind,hosts
# We don have machines with multiple IP addresses on the same card
(like virtual server,IP Aliasing).
multi off
# Check for IP address spoofing.
nospoof on
IP Spoofing: IP-Spoofing is a security exploit that works by tricking
computers in a trust relationship that you are someone that you really aren .

12. The /etc/securetty file
¸Ó¤å¥ó«ü©w¤F¤¹³\rootµn¿ýªºtty³]³Æ¡A/etc/securetty³Q/bin/loginµ{§ÇŪ¨ú,
¥¦ªº®æ¦¡¬O¤@¦æ¤@­Ó³Q¤¹³\ªº¦W¦r¦Cªí¡A¦p§A¥i¥H½s¿è/etc/securetty¥Bª`ÄÀ¥X¤U­±ªº¦æ¡C
tty1
#tty2
#tty3
#tty4
#tty5
#tty6
#tty7
#tty8
-·N¨ýµÛroot¶È¶È³Q¤¹³\¦btty1²×ºÝµn¿ý¡C

13. ¯S§Oªº±b¸¹
¸T¤î©Ò¦³Àq»{ªº³Q¾Þ§@¨t²Î¥»¨­±Ò°Êªº¥B¤£»Ý­nªº±b¸¹¡A·í§A²Ä¤@¦¸¸Ë¤W¨t²Î®É´NÀ³¸Ó°µ¦¹Àˬd¡A
Linux´£¨Ñ¤F¦UºØ±b¸¹¡A§A¥i¯à¤£»Ý­n¡A¦pªG§A¤£»Ý­n³o­Ó±b¸¹¡A´N²¾¨«¥¦¡A§A¦³ªº±b¸¹¶V¦h¡A
´N¶V®e©ö¨ü¨ì§ðÀ»¡C
¬°§R°£§A¨t²Î¤Wªº¥Î¤á¡A¥Î¤U­±ªº©R¥O¡R
[root@deep]# userdel username
¬°§R°£§A¨t²Î¤Wªº²Õ¥Î¤á±b¸¹¡A¥Î¤U­±ªº©R¥O¡R
[root@deep]# groupdel username
¦b²×ºÝ¤W¥´¤J¤U­±ªº©R¥O§R±¼¤U­±ªº¥Î¤á¡C
[root@deep]# userdel adm
[root@deep]# userdel lp
[root@deep]# userdel sync
[root@deep]# userdel shutdown
[root@deep]# userdel halt
[root@deep]# userdel mail
¦pªG§A¤£¥ÎsendmailªA°È¾¹¡Aprocmail.mailx,´N§R°£³o­Ó±b¸¹¡C
[root@deep]# userdel news
[root@deep]# userdel uucp
[root@deep]# userdel operator
[root@deep]# userdel games
¦pªG§A¤£¥ÎX windows ªA°È¾¹¡A´N§R±¼³o­Ó±b¸¹¡C
[root@deep]# userdel gopher
[root@deep]# userdel ftp
¦pªG§A¤£¤¹³\°Î¦WFTP¡A´N§R±¼³o­Ó¥Î¤á±b¸¹¡C
===
¥´¤J¤U­±ªº©R¥O§R°£²Õ±b¸¹
[root@deep]# groupdel adm
[root@deep]# groupdel lp
[root@deep]# groupdel mail
¦p¤£¥ÎSendmailªA°È¾¹¡A§R°£³o­Ó²Õ±b¸¹
[root@deep]# groupdel news
[root@deep]# groupdel uucp
[root@deep]# groupdel games
¦p§A¤£¥ÎX Windows¡A§R°£³o­Ó²Õ±b¸¹
[root@deep]# groupdel dip
[root@deep]# groupdel pppusers
[root@deep]# groupdel popusers
¦pªG§A¤£¥ÎPOPªA°È¾¹¡A§R°£³o­Ó²Õ±b¸¹
[root@deep]# groupdel slipusers
====
¥Î¤U­±ªº©R¥O¥[»Ý­nªº¥Î¤á±b¸¹
[root@deep]# useradd username
¥Î¤U­±ªº©R¥O§ïÅܥΤá¤f¥O
[root@deep]# passwd username
¥Îchattr©R¥Oµ¹¤U­±ªº¤å¥ó¥[¤W¤£¥i§ó§ïÄÝ©Ê¡C
[root@deep]# chattr +i /etc/passwd
[root@deep]# chattr +i /etc/shadow
[root@deep]# chattr +i /etc/group
[root@deep]# chattr +i /etc/gshadow

14. ªý¤î¥ô¦ó¤Hsu§@¬°root.
¦pªG§A¤£·Q¥ô¦ó¤H¯à°÷su§@¬°root,§A¯à½s¿è/etc/pam.d/su¥[¤U­±ªº¦æ¡R
auth sufficient /lib/security/pam_rootok.so debug
auth required /lib/security/pam_wheel.so group=isd
·N¨ýµÛ¶È¶Èisd²Õªº¥Î¤á¥i¥Hsu§@¬°root. µM«á¡A¦pªG§A§Æ±æ¥Î¤áadmin¯àsu§@¬°root.´N¹B¦æ¤U­±ªº©R¥O¡C
[root@deep]# usermod -G10 admin

16. ¸ê·½­­»s
¹ï§Aªº¨t²Î¤W©Ò¦³ªº¥Î¤á³]¸m¸ê·½­­»s¥i¥H¨¾¤îDoSÃþ«¬§ðÀ»¡]denial of service attacks¡^¦p³Ì¤j¶iµ{¼Æ¡A
¤º¦s¼Æ¶qµ¥¡C¨Ò¦p¡A¹ï©Ò¦³¥Î¤áªº­­»s¶H¤U­±³o¼Ë¡R
½s¿è/etc/security/limits.con¥[¡R
* hard core 0
* hard rss 5000
* hard nproc 20
§A¤]¥²¶·½s¿è/etc/pam.d/login¤å¥ó¥[/Àˬd³o¤@¦æªº¦s¦b¡C
session required /lib/security/pam_limits.so
¤W­±ªº©R¥O¸T¤îcore files¡§core 0¡¨¡A­­»s¶iµ{¼Æ¬°¡§nproc 50¡§¡A¥B­­»s¤º¦s¨Ï¥Î
¬°5M¡§rss 5000¡¨¡C

17. The /etc/lilo.conf file
a) Add: restricted
¥[³o¤@¦æ¨ì¨C¤@­Ó¤Þ¾É¬M¹³¤U­±¡A´N³oªí©ú¦pªG§A¤Þ¾É®É¥Î(linux single),«h»Ý­n¤@­Ópassword.
b) Add: password=some_password
·í»PrestrictedÁp¦X¥Î¡A¥B¥¿±`¤Þ¾É®É¡A»Ý­n¥Î¤á¿é¤J±K½X¡A§A¤]­n½T«Olilo.conf
¤å¥ó¤£¯à³Q¤£ÄÝ©órootªº¥Î¤á¥iŪ¡A¤]§K¬Ý¨ì±K½X©ú¤å¡C¤U­±¬O¨Ò¤l¡R
½s¿è/etc/lilo.conf¥[¡R
====
boot=/dev/sda
map=/boot/map
install=/boot/boot.b
prompt
timeout=50
Default=linux
restricted ?add this line.
password=some_password ?add this line.
image=/boot/vmlinuz-2.2.12-20
label=linux
initrd=/boot/initrd-2.2.12-10.img
root=/dev/sda6
read-only
[root@deep]# chmod 600 /etc/lilo.conf (¤£¦A¯à³Q¨ä¥L¥Î¤á¥iŪ).
[root@deep]# /sbin/lilo -v (§ó·slilo°t¸m).
[root@deep]# chattr +i /etc/lilo.conf¡]ªý¤î¸Ó¤å¥ó³Q­×§ï¡^

18. ¸T¤î Control-Alt-Delete ­«±Ò°Ê¾÷¾¹©R¥O
[root@deep]# vi /etc/inittab
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
To
#ca::ctrlaltdel:/sbin/shutdown -t3 -r now
[root@deep]# /sbin/init q

19. ­«·s³]¸m/etc/rc.d/init.d/¥Ø¿ý¤U©Ò¦³¤å¥óªº³\¥iÅv­­
[root@deep]# chmod -R 700 /etc/rc.d/init.d/*
¶È¶Èroot¥i¥HŪ¡A¼g¡A°õ¦æ¤W­z©Ò¦³script file.

20. The /etc/rc.d/rc.local file
Àq»{¦a¡A·í§Alogin¨ìlinux server®É¡A¥¦§i¶D§Alinuxª©¥»¦W¡A¤º®Öª©¥»¦W©MªA°È¾¹¥D¾÷¦W¡C
¥¦µ¹¤F§A¤Ó¦hªº«H®§¡A¦pªG§A´N§Æ±æ±o¨ì´£¥Ülogin: ,½s¿è/etc/rc.d/rc.local©ñ#¦b¤U­±ªº¦æ«e­±¡R
--
# This will overwrite /etc/issue at every boot. So, make any changes you
# want to make to /etc/issue here or you will lose them when you reboot.
#echo "" > /etc/issue
#echo "$R" >> /etc/issue
#echo "Kernel $(uname -r) on $a $(uname -m)" >> /etc/issue
#
#cp -f /etc/issue /etc/issue.net
#echo >> /etc/issue
--
µM«á¡A°µ¤U­±ªº¨Æ±¡:
[root@deep]# rm -f /etc/issue
[root@deep]# rm -f /etc/issue.net
[root@deep]# touch /etc/issue
[root@deep]# touch /etc/issue.net

21. ³Qroot¾Ö¦³ªºµ{§Çªº¦ì¡C
²¾¨«¨º¨Ç³Qroot¾Ö¦³µ{§Çªºs¦ì¼Ð»x¡A·íµM¦³¨Çµ{§Ç»Ý­n³o­Ó¡A¥Î©R¥O¡¥chmod a-s¡¦§¹¦¨³o­Ó¡C
ª`¡R«e­±±a¡]*¡^¸¹ªº¨º¨Çµ{§Ç¤@¯ë¤£»Ý­n¾Ö¦³s¦ì¼Ð»x¡C
[root@deep]# find / -type f ( -perm -04000 -o -perm -02000 ) -exec ls ¨Clg {} ;
-rwsr-xr-x 1 root root 33120 Mar 21 1999 /usr/bin/at
*-rwsr-xr-x 1 root root 30560 Apr 15 20:03 /usr/bin/chage
*-rwsr-xr-x 1 root root 29492 Apr 15 20:03 /usr/bin/gpasswd
-rwsr-xr-x 1 root root 3208 Mar 22 1999 /usr/bin/disable-paste
-rwxr-sr-x 1 root man 32320 Apr 9 1999 /usr/bin/man
-r-s--x--x 1 root root 10704 Apr 14 17:21 /usr/bin/passwd
-rws--x--x 2 root root 517916 Apr 6 1999 /usr/bin/suidperl
-rws--x--x 2 root root 517916 Apr 6 1999 /usr/bin/sperl5.00503
-rwxr-sr-x 1 root mail 11432 Apr 6 1999 /usr/bin/lockfile
-rwsr-sr-x 1 root mail 64468 Apr 6 1999 /usr/bin/procmail
-rwsr-xr-x 1 root root 21848 Aug 27 11:06 /usr/bin/crontab
-rwxr-sr-x 1 root slocate 15032 Apr 19 14:55 /usr/bin/slocate
*-r-xr-sr-x 1 root tty 6212 Apr 17 11:29 /usr/bin/wall
*-rws--x--x 1 root root 14088 Apr 17 12:57 /usr/bin/chfn
*-rws--x--x 1 root root 13800 Apr 17 12:57 /usr/bin/chsh
*-rws--x--x 1 root root 5576 Apr 17 12:57 /usr/bin/newgrp
*-rwxr-sr-x 1 root tty 8392 Apr 17 12:57 /usr/bin/write
-rwsr-x--- 1 root squid 14076 Oct 7 14:48 /usr/lib/squid/pinger
-rwxr-sr-x 1 root utmp 15587 Jun 9 09:30 /usr/sbin/utempter
*-rwsr-xr-x 1 root root 5736 Apr 19 15:39 /usr/sbin/usernetctl
*-rwsr-xr-x 1 root bin 16488 Jul 6 09:35 /usr/sbin/traceroute
-rwsr-sr-x 1 root root 299364 Apr 19 16:38 /usr/sbin/sendmail
-rwsr-xr-x 1 root root 34131 Apr 16 18:49 /usr/libexec/pt_chown
-rwsr-xr-x 1 root root 13208 Apr 13 14:58 /bin/su
*-rwsr-xr-x 1 root root 52788 Apr 17 15:16 /bin/mount
*-rwsr-xr-x 1 root root 26508 Apr 17 20:26 /bin/umount
*-rwsr-xr-x 1 root root 17652 Jul 6 09:33 /bin/ping
-rwsr-xr-x 1 root root 20164 Apr 17 12:57 /bin/login
*-rwxr-sr-x 1 root root 3860 Apr 19 15:39 /sbin/netreport
-r-sr-xr-x 1 root root 46472 Apr 17 16:26 /sbin/pwdb_chkpwd
[root@deep]# chmod a-s /usr/bin/chage
[root@deep]# chmod a-s /usr/bin/gpasswd
[root@deep]# chmod a-s /usr/bin/wall
[root@deep]# chmod a-s /usr/bin/chfn
[root@deep]# chmod a-s /usr/bin/chsh
[root@deep]# chmod a-s /usr/bin/newgrp
[root@deep]# chmod a-s /usr/bin/write
[root@deep]# chmod a-s /usr/sbin/usernetctl
[root@deep]# chmod a-s /usr/sbin/traceroute
[root@deep]# chmod a-s /bin/mount
[root@deep]# chmod a-s /bin/umount
[root@deep]# chmod a-s /bin/ping
[root@deep]# chmod a-s /sbin/netreport

§A¥i¥H¥Î¤U­±ªº©R¥O¬d§ä©Ò¦³±as¦ì¼Ð»xªºµ{§Ç¡R
[root@deep]# find / -type f ( -perm -04000 -o -perm -02000 ) -exec ls -lg {} ;
> suid-sgid-results
§âµ²ªG¿é¥X¨ì¤å¥ósuid-sgid-results¤¤¡C
¬°¤F¬d§ä©Ò¦³¥i¼gªº¤å¥ó©M¥Ø¿ý¡A¥Î¤U­±ªº©R¥O¡R
[root@deep]# find / -type f ( -perm -2 -o -perm -20 ) -exec ls -lg {} ; > ww-files-results
[root@deep]# find / -type d ( -perm -2 -o -perm -20 ) -exec ls -ldg {} ; > ww-directories-results
¥Î¤U­±ªº©R¥O¬d§ä¨S¦³¾Ö¦³ªÌªº¤å¥ó¡R
[root@deep]# find / -nouser -o -nogroup > unowed-results
¥Î¤U­±ªº©R¥O¬d§ä©Ò¦³ªº.rhosts¤å¥ó¡R
[root@deep]# find /home -name .rhosts > rhost-results






=============================================
®öº©¯Q¦«¨¹¥D¸qªº°g«ä, ¬O¶}©ñªÀ·|ªº¼Ä¤H!
=============================================

¥e¬P¥Í¬¡¤j®v¢w¬P°Q½×°Ï © Copyright 2006 ¥e¬P¥Í¬¡¤j®v ªð¦^³Ì¤W
­¶­±²£¥Í®É¶¡: 0.11 ¬í Snitz Forums 2000
自訂搜尋