Solved

Securety

Posted on 1997-05-08
4
244 Views
Last Modified: 2013-12-15
Hello!

I have just installed Redhat and have not used Linx before so I have some questions:

How do I get a good secuety running the newest RedHat?
How do I refuse All who tries to telnet to my computer and how do I accept only ssh? I like to run the apashe www-server and ftp server. And how do I give a oter user premission to add a new user (if he is not root>) ?
What is most important to get a good securety??
I like to run olwm. What shall I do t gret it to work?
0
Comment
Question by:a201
  • 2
4 Comments
 
LVL 19

Expert Comment

by:xterm
ID: 1627455
Thats a bunch of questions:
1)  Leave the securetty the way it is -- it won't allow root
    logins via telnet, and that is the way it should be.
2)  To refuse all telnets?  Just kill the in.telnetd process ID
3)  The Apache web server & WU-FTPD servers are standard (& easy)
4)  You could give another user UID 0 and he'd have root privs,
    but I highly recommend that you do NOT do this.
5)  The standard Window Manager that comes with RH 4.1 is
    FVWM2-95 (*gag*).  Just install Xview and associated
    packages, and change your xinitrc to olwm instead of
    fvwm.
0
 

Author Comment

by:a201
ID: 1627456
Can you tell me what to add where? (to refuse telnet and accept only ssh?) I'm just a beginner....


0
 
LVL 1

Accepted Solution

by:
bencur earned 100 total points
ID: 1627457
1. to refuse telnet logins you have to edit /etc/inetd.conf
  just find the line which begins with telnet (without hash#)
  and hash it. Then run :
  # killall -HUP inetd
            (or :
  # kill -HUP `pidof inetd`)
  the other way to do this is to edit /etc/hosts.deny
  add a this line there:
  in.telnetd:ALL
2. ftp daemon is a standard. you can install apache (if it's not)
  using rpm (in X glint).
3. to make a user who can create accounts:
  just create some speciall group (edit /etc/groups),
  and make a user the member of that group.
  Then set a group of program which is used to create users,
  to that group. Remove execution for everybody, let just owner     (root) and group (your_new_group) read and execute permissions.
  Then set it suid. You can do it with the command :
  # chmod 4750 /sbin/adduser    (or /sbin/useradd, I don't    remember). Suid attribute on owner means, that after execution, this program will run with the owners permissions.
4. To get a good security you should have only few accounts for     only trusted users, then you should use firewall (at least        setup /etc/hosts.{deny,allow}) and remove most of not usefull     SUID attributes from files on your system.
5. to run olwm install Xview package.
0
 

Author Comment

by:a201
ID: 1627458
Thank You!
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
capture pcap with filtered traffic 1 84
error log using ftp 7 56
000webhost.com default error log 1 40
Recover Lacie Edmini data. 11 54
This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question