[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

116471

 
 

909

 
 

91176

 
 

140

 
 
Paid content will be excluded from the download.

Filter
Matches : 24436 Download | Alert*

Disable RDS Support The Reliable Datagram Sockets (RDS) protocol is a transport layer protocol designed to provide reliable high- bandwidth, low-latency communications between nodes in a cluster. To configure the system to prevent the 'rds' kernel module from being loaded, add the following line to a file in the directory '/etc/modprobe.d':

Verify User Who Owns group File To properly set the owner of '/etc/group', run the command:

Ensure Logs Sent To Remote Host To configure rsyslog to send logs to a remote log server, open '/etc/rsyslog.conf' and read and understand the last section of the file, which describes the multiple directives necessary to activate remote logging. Along with these other directives, the system can be configured to forward its logs to a particular log server by adding or correcting one of the follow ...

Disable Interface Usage of IPv6 To disable interface usage of IPv6, add or correct the following lines in '/etc/sysconfig/network': NETWORKING_IPV6=no IPV6INIT=no

Disable Core Dumps for All Users To disable core dumps for all users, add the following line to '/etc/security/limits.conf': '* hard core 0'

Disable CGI Support The 'cgi' module allows HTML to interact with the CGI web programming language. If this functionality is unnecessary, comment out the module: '#LoadModule cgi_module modules/mod_cgi.so'

System Audit Logs Must Have Mode 0640 or Less Permissive Change the mode of the audit log files with the following command: '$ sudo chmod 0640 audit_file'

Record Events that Modify the System's Discretionary Access Controls - chown At a minimum the audit system should collect file permission changes for all users and root. If the 'auditd' daemon is configured to use the 'augenrules' program to read audit rules during daemon startup (the default), add the following line to a file with suffix '.rules' in the directory '/etc/audit/rules.d': '-a always ...

Restrict Virtual Console Root Logins To restrict root logins through the (deprecated) virtual console devices, ensure lines of this form do not appear in '/etc/securetty': vc/1 vc/2 vc/3 vc/4

Set Password Hashing Algorithm in /etc/login.defs In '/etc/login.defs', add or correct the following line to ensure the system will use SHA-512 as the hashing algorithm: 'ENCRYPT_METHOD SHA512'


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   2443

© SecPod Technologies