博客
关于我
安全强化你的 Linux 服务器的七个步骤
阅读量:196 次
发布时间:2019-02-28

本文共 1528 字,大约阅读时间需要 5 分钟。

??????Linux???????

?????????????????????????????????????????Linux??????????

1. ????????????

???????????????????????????????????????????????????????????

  • ? Ubuntu ? Debian ??

    sudo apt update && sudo apt upgrade -y

  • ? Fedora?CentOS ? RHEL ??

    sudo dnf upgrade -y

2. ??????

??????????????root??????????????????????sudo???

  • ??????

    sudo adduser

  • ??usermod????????sudo???

    sudo usermod -a -G sudo

3. ??SSH??

??SSH?????????????ssh-copy-id?????????????????

  • ???????????

    ssh-copy-id @ip_address

????????????????????

4. ????SSH??

????????????????SSH?????????

  • ??SSH?????

    ??/etc/ssh/sshd_config?????????

    PasswordAuthentication no

  • ??root?????

    PermitRootLogin no

  • ??IP?????

    ??AddressFamily?????SSH?????IPv4???

    AddressFamily inet

  • ??SSH???

    ? Ubuntu ??

    sudo service sshd restart

    ? Fedora ? CentOS ??

    sudo systemctl restart sshd

5. ?????

????????????????????????????Ubuntu??ufw????????????????

  • ??UFW?

    sudo apt install ufw -y

  • ????????

    sudo ufw allow sshsudo ufw allow httpsudo ufw allow https

  • ??????

    sudo ufw enable

  • ????????

    sudo ufw status

6. ??Fail2ban

Fail2ban??????????????????????????IP???

  • ??Fail2ban?

    sudo apt install fail2ban -y

  • ???????

    sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

  • ??Fail2ban???

    sudo service fail2ban restart

  • ?????

    sudo fail2ban-client status ssh

7. ????????

??????????????????????????ss??????????????

  • ??????????

    sudo ss -atpu

  • ?????????

    ? Debian/Ubuntu ??

    sudo apt purge

    ? Red Hat/CentOS ??

    sudo yum remove

??????????????Linux?????????????????????????????????????????????????????????????????????????????????????????????

转载地址:http://peti.baihongyu.com/

你可能感兴趣的文章
OpenWrt包管理软件opkg的使用(极路由)
查看>>
OpenWrt固件编译刷机完全总结
查看>>
Open××× for Linux搭建之二
查看>>
Open×××有线网络时使用正常,无线网络时使用报错的解决方案
查看>>
Operation not supported on read-only collection 的解决方法 - [Windows Phone开发技巧系列1]
查看>>
OperationResult
查看>>
Operations Manager 2007 R2系列之仪表板(多)视图
查看>>
operator new and delete
查看>>
operator new 与 operator delete
查看>>
operator() error
查看>>
OPPO K3在哪里打开USB调试模式的完美方法
查看>>
Optional类:避免NullPointerException
查看>>
Optional讲解
查看>>
ORA-00932: inconsistent datatypes: expected - got NCLOB【ORA-00932: 数据类型不一致: 应为 -, 但却获得 NCLOB 】【解决办法】
查看>>
ORA-00942 表或视图不存在
查看>>
ORA-01795: 列表中的最大表达式数为 1000
查看>>
ORA-06575: 程序包或函数 NO_VM_DROP_PROC 处于无效状态
查看>>
ORA-08102的错误
查看>>
ORA-12505, TNS:listener does not currently know of SID given in connect descriptor异常
查看>>
ora-12541:tns:no listener
查看>>
喝酒易醉,品茶养心,人生如梦,品茶悟道,何以解忧?唯有杜康!-- 愿君每日到此一游!
当前时间: 2026-04-14 01:18:08   当前IP: 10.1.17.149   联系邮箱:javaeecc@qq.com     Copyright © 2020 - 2025 baihongyu.com 京ICP备2021015314号-2