Solved

Securety

Posted on 1997-05-08
4
243 Views
Last Modified: 2013-12-15
Hello!

I have just installed Redhat and have not used Linx before so I have some questions:

How do I get a good secuety running the newest RedHat?
How do I refuse All who tries to telnet to my computer and how do I accept only ssh? I like to run the apashe www-server and ftp server. And how do I give a oter user premission to add a new user (if he is not root>) ?
What is most important to get a good securety??
I like to run olwm. What shall I do t gret it to work?
0
Comment
Question by:a201
  • 2
4 Comments
 
LVL 19

Expert Comment

by:xterm
ID: 1627455
Thats a bunch of questions:
1)  Leave the securetty the way it is -- it won't allow root
    logins via telnet, and that is the way it should be.
2)  To refuse all telnets?  Just kill the in.telnetd process ID
3)  The Apache web server & WU-FTPD servers are standard (& easy)
4)  You could give another user UID 0 and he'd have root privs,
    but I highly recommend that you do NOT do this.
5)  The standard Window Manager that comes with RH 4.1 is
    FVWM2-95 (*gag*).  Just install Xview and associated
    packages, and change your xinitrc to olwm instead of
    fvwm.
0
 

Author Comment

by:a201
ID: 1627456
Can you tell me what to add where? (to refuse telnet and accept only ssh?) I'm just a beginner....


0
 
LVL 1

Accepted Solution

by:
bencur earned 100 total points
ID: 1627457
1. to refuse telnet logins you have to edit /etc/inetd.conf
  just find the line which begins with telnet (without hash#)
  and hash it. Then run :
  # killall -HUP inetd
            (or :
  # kill -HUP `pidof inetd`)
  the other way to do this is to edit /etc/hosts.deny
  add a this line there:
  in.telnetd:ALL
2. ftp daemon is a standard. you can install apache (if it's not)
  using rpm (in X glint).
3. to make a user who can create accounts:
  just create some speciall group (edit /etc/groups),
  and make a user the member of that group.
  Then set a group of program which is used to create users,
  to that group. Remove execution for everybody, let just owner     (root) and group (your_new_group) read and execute permissions.
  Then set it suid. You can do it with the command :
  # chmod 4750 /sbin/adduser    (or /sbin/useradd, I don't    remember). Suid attribute on owner means, that after execution, this program will run with the owners permissions.
4. To get a good security you should have only few accounts for     only trusted users, then you should use firewall (at least        setup /etc/hosts.{deny,allow}) and remove most of not usefull     SUID attributes from files on your system.
5. to run olwm install Xview package.
0
 

Author Comment

by:a201
ID: 1627458
Thank You!
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
linux pull logs and export FTP 4 71
How to install Ubuntu 16 in DELL venue 8 pro 20 145
awk sed 8 42
awk variable in printf 1 24
This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question