Solved

Securety

Posted on 1997-05-08
4
245 Views
Last Modified: 2013-12-15
Hello!

I have just installed Redhat and have not used Linx before so I have some questions:

How do I get a good secuety running the newest RedHat?
How do I refuse All who tries to telnet to my computer and how do I accept only ssh? I like to run the apashe www-server and ftp server. And how do I give a oter user premission to add a new user (if he is not root>) ?
What is most important to get a good securety??
I like to run olwm. What shall I do t gret it to work?
0
Comment
Question by:a201
  • 2
4 Comments
 
LVL 19

Expert Comment

by:xterm
ID: 1627455
Thats a bunch of questions:
1)  Leave the securetty the way it is -- it won't allow root
    logins via telnet, and that is the way it should be.
2)  To refuse all telnets?  Just kill the in.telnetd process ID
3)  The Apache web server & WU-FTPD servers are standard (& easy)
4)  You could give another user UID 0 and he'd have root privs,
    but I highly recommend that you do NOT do this.
5)  The standard Window Manager that comes with RH 4.1 is
    FVWM2-95 (*gag*).  Just install Xview and associated
    packages, and change your xinitrc to olwm instead of
    fvwm.
0
 

Author Comment

by:a201
ID: 1627456
Can you tell me what to add where? (to refuse telnet and accept only ssh?) I'm just a beginner....


0
 
LVL 1

Accepted Solution

by:
bencur earned 100 total points
ID: 1627457
1. to refuse telnet logins you have to edit /etc/inetd.conf
  just find the line which begins with telnet (without hash#)
  and hash it. Then run :
  # killall -HUP inetd
            (or :
  # kill -HUP `pidof inetd`)
  the other way to do this is to edit /etc/hosts.deny
  add a this line there:
  in.telnetd:ALL
2. ftp daemon is a standard. you can install apache (if it's not)
  using rpm (in X glint).
3. to make a user who can create accounts:
  just create some speciall group (edit /etc/groups),
  and make a user the member of that group.
  Then set a group of program which is used to create users,
  to that group. Remove execution for everybody, let just owner     (root) and group (your_new_group) read and execute permissions.
  Then set it suid. You can do it with the command :
  # chmod 4750 /sbin/adduser    (or /sbin/useradd, I don't    remember). Suid attribute on owner means, that after execution, this program will run with the owners permissions.
4. To get a good security you should have only few accounts for     only trusted users, then you should use firewall (at least        setup /etc/hosts.{deny,allow}) and remove most of not usefull     SUID attributes from files on your system.
5. to run olwm install Xview package.
0
 

Author Comment

by:a201
ID: 1627458
Thank You!
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question