[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

115228

 
 

909

 
 

90122

 
 

140

 
 
Paid content will be excluded from the download.

Filter
Matches : 24436 Download | Alert*

Disable System Statistics Reset Service (sysstat) The 'sysstat' service resets various I/O and CPU performance statistics to zero in order to begin counting from a fresh state at boot time. The 'sysstat' service can be disabled with the following command: '$ sudo systemctl disable sysstat'

Disable Prelinking The prelinking feature changes binaries in an attempt to decrease their startup time. In order to disable it, change or add the following line inside the file '/etc/sysconfig/prelink': 'PRELINKING=no' Next, run the following command to return binaries to a normal, non-prelinked state: '$ sudo /usr/sbin/prelink -ua'

Disable Modprobe Loading of USB Storage Driver To prevent USB storage devices from being used, configure the kernel module loading system to prevent automatic loading of the USB storage driver. To configure the system to prevent the 'usb-storage' kernel module from being loaded, add the following line to a file in the directory '/etc/modprobe.d':

Enable cron Service The 'crond' service is used to execute commands at preconfigured times. It is required by almost all systems to perform necessary maintenance tasks, such as notifying root of system activity. The 'crond' service can be enabled with the following command: '$ sudo systemctl enable crond'

Disable anacron Service The 'cronie-anacron' package, which provides 'anacron' functionality, is installed by default. The 'cronie-anacron' package can be removed with the following command: '$ sudo yum erase cronie-anacron'

Disable At Service (atd) The 'at' and 'batch' commands can be used to schedule tasks that are meant to be executed only once. This allows delayed execution in a manner similar to cron, except that it is not recurring. The daemon 'atd' keeps track of tasks scheduled vi A'at' and 'batch', and executes them at the specified time. The 'atd' service can be disabled with the following command: ...

Disable SSH Server If Possible (Unusual) The SSH server service, sshd, is commonly needed. However, if it can be disabled, do so. The 'sshd' service can be disabled with the following command: '$ sudo systemctl disable sshd' This is unusual, as SSH is a common method for encrypted and authenticated remote access.

Remove SSH Server iptables Firewall exception (Unusual) By default, inbound connections to SSH's port are allowed. If the SSH server is not being used, this exception should be removed from the firewall configuration. Edit the files '/etc/sysconfig/iptables' and '/etc/sysconfig/ip6tables' (if IPv6 is in use). In each file, locate and delete the line: '-A INPUT -m state --state NEW -m tcp -p tcp ...

Limit Users' SSH Access By default, the SSH configuration allows any user with an account to access the system. In order to specify the users that are allowed to login via SSH and deny all other users, add or correct the following line in the '/etc/ssh/sshd_config' file: 'DenyUsers USER1 USER2' Where 'USER1' and 'USER2' are valid user names.

Disable Avahi Server Software The 'avahi-daemon' service can be disabled with the following command: '$ sudo systemctl disable avahi-daemon'


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   2443

© SecPod Technologies