What is security?
Answer:
Security, in a nutshell, is ensuring the Confidentiality, Integrity, and Availability of your systems and network.
Linux Ask! is a Q & A web site specific for Linux related questions. Questions are collected, answered and audited by experienced Linux users.
Why am I seeing "-- MARK --" in my syslog?
Answer:
This is a timestamp which is automatically generated by syslogd, and is syslogd's way of stating that it has nothing to report. The default interval between two -- MARK -- lines is 20 minutes.
This can be changed by locating the syslogd startup script and changing the parameter after the "-m" option to suit your needs. To disable these timestamps completely, set "-m" to 0. For more information, type "man syslogd".
Why can't I telnet into my Linux box as root?
Answer:
By default, some distributions prohibit root from logging in remotely, unless you first log in as a regular user, and then "su" to root. This feature provides an extra layer of security in case the password of the root account is compromised.
Although it is not recommended, this restriction can be removed by deleting the file /etc/securetty. For more information, type "man securetty".
Ban a remote IP Address using iptables
Answer:
iptables -A INPUT -s IP -j DROP
Replace IP with the actual remote IP address.
Note that the block is lost when the server reboots. To keep it, save the rule(s) in a script and reload them when the server reboots.
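One way to script the ban and keep it across reboots, as an added example that is not part of the original answer. The rules file path, the script name and the IPTABLES / IPTABLES_SAVE override variables are assumptions; it only accepts a literal IPv4 address, skips the append when the same rule already exists, and then saves the live rule set.

```shell
#!/bin/sh
# Added example, not from the original page. Run as root: ./ban-ip.sh 203.0.113.7
# RULES_FILE is an assumed path; use the file your distribution restores at boot.
RULES_FILE=${RULES_FILE:-/etc/iptables/rules.v4}
IPTABLES=${IPTABLES:-iptables}
IPTABLES_SAVE=${IPTABLES_SAVE:-iptables-save}

# Accept only a literal IPv4 address with an optional /0-32 prefix.
# iptables -s also takes hostnames (resolved once, at insert time), and an
# argument starting with "-" would be parsed as an option, so reject both.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in
        */*) prefix=${1#*/}
             case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
             [ "$prefix" -le 32 ] || return 1 ;;
    esac
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                      # split the address into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        # Reject over-long octets and leading zeros (some parsers read them as octal).
        case $octet in ????*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Add the DROP rule once, then persist the live rule set.
ban_ip() {
    valid_ipv4 "$1" || { echo "refusing invalid address: $1" >&2; return 2; }
    # -C exits 0 when an identical rule exists, so reruns do not stack duplicates.
    if ! "$IPTABLES" -C INPUT -s "$1" -j DROP 2>/dev/null; then
        "$IPTABLES" -A INPUT -s "$1" -j DROP || return 1
    fi
    # Write to a temp file and rename, so a failed save never truncates the
    # file that will be loaded at boot with: iptables-restore < "$RULES_FILE"
    "$IPTABLES_SAVE" > "$RULES_FILE.tmp" && mv "$RULES_FILE.tmp" "$RULES_FILE"
}

if [ "$#" -gt 0 ]; then ban_ip "$1"; fi
```

Because the rule is appended with -A, it only takes effect if no earlier rule in INPUT already accepts the traffic.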
How to turn off SELinux?
Answer: (pick either one)
1. Change the run-time configuration (won't take effect when you reboot)
# sestatus informs you of the two permission mode statuses,
# the current mode in runtime and the mode from the config
# file referenced during boot:
sestatus | grep -i mode
Current mode: enforcing
Mode from config file: enforcing
# Changing the runtime enforcement doesn't affect the
# boot time configuration (0 switches to permissive mode):
setenforce 0
sestatus | grep -i mode
Current mode: permissive
Mode from config file: enforcing
2. To turn off SELinux permanently, use the following command:
system-config-securitylevel