Solved

Securety

Posted on 1997-05-08
4
248 Views
Last Modified: 2013-12-15
Hello!

I have just installed Redhat and have not used Linx before so I have some questions:

How do I get a good secuety running the newest RedHat?
How do I refuse All who tries to telnet to my computer and how do I accept only ssh? I like to run the apashe www-server and ftp server. And how do I give a oter user premission to add a new user (if he is not root>) ?
What is most important to get a good securety??
I like to run olwm. What shall I do t gret it to work?
0
Comment
Question by:a201
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 19

Expert Comment

by:xterm
ID: 1627455
Thats a bunch of questions:
1)  Leave the securetty the way it is -- it won't allow root
    logins via telnet, and that is the way it should be.
2)  To refuse all telnets?  Just kill the in.telnetd process ID
3)  The Apache web server & WU-FTPD servers are standard (& easy)
4)  You could give another user UID 0 and he'd have root privs,
    but I highly recommend that you do NOT do this.
5)  The standard Window Manager that comes with RH 4.1 is
    FVWM2-95 (*gag*).  Just install Xview and associated
    packages, and change your xinitrc to olwm instead of
    fvwm.
0
 

Author Comment

by:a201
ID: 1627456
Can you tell me what to add where? (to refuse telnet and accept only ssh?) I'm just a beginner....


0
 
LVL 1

Accepted Solution

by:
bencur earned 100 total points
ID: 1627457
1. to refuse telnet logins you have to edit /etc/inetd.conf
  just find the line which begins with telnet (without hash#)
  and hash it. Then run :
  # killall -HUP inetd
            (or :
  # kill -HUP `pidof inetd`)
  the other way to do this is to edit /etc/hosts.deny
  add a this line there:
  in.telnetd:ALL
2. ftp daemon is a standard. you can install apache (if it's not)
  using rpm (in X glint).
3. to make a user who can create accounts:
  just create some speciall group (edit /etc/groups),
  and make a user the member of that group.
  Then set a group of program which is used to create users,
  to that group. Remove execution for everybody, let just owner     (root) and group (your_new_group) read and execute permissions.
  Then set it suid. You can do it with the command :
  # chmod 4750 /sbin/adduser    (or /sbin/useradd, I don't    remember). Suid attribute on owner means, that after execution, this program will run with the owners permissions.
4. To get a good security you should have only few accounts for     only trusted users, then you should use firewall (at least        setup /etc/hosts.{deny,allow}) and remove most of not usefull     SUID attributes from files on your system.
5. to run olwm install Xview package.
0
 

Author Comment

by:a201
ID: 1627458
Thank You!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question