Verify /boot/grub2/grub.cfg Permissions
File permissions for '/boot/grub2/grub.cfg' should be set to 600. To properly set the permissions of '/boot/grub2/grub.cfg', run the command:

Disable Server Side Includes
Server Side Includes provide a method of dynamically generating web pages through the insertion of server-side code. However, the technology is also deprecated and introduces significant security concerns. If this functionality is unnecessary, comment out the related module: '#LoadModule include_module modules/mod_include.so' If there is a critical need for Server Sid ...

Disable Ctrl-Alt-Del Reboot Activation
By default, the system includes the following line in '/etc/init/control-alt-delete.conf' to reboot the system when the Ctrl-Alt-Del key sequence is pressed: 'exec /sbin/shutdown -r now "Control-Alt-Delete pressed"' To configure the system to log a message instead of rebooting the system, alter that line to read as follows: 'exec /usr/bin/logger -p security ...

Configure statd to use static port
Configure the 'statd' daemon to use a static port as opposed to letting the RPC Bind service dynamically assign a port. Edit the file '/etc/sysconfig/nfs'. Add or correct the following line: 'STATD_PORT=statd-port', where 'statd-port' is a port which is not used by any other service on your network.

Disable WebDAV (Distributed Authoring and Versioning)
WebDAV is an extension of the HTTP protocol that provides distributed and collaborative access to web content. If its functionality is unnecessary, comment out the related modules: '#LoadModule dav_module modules/mod_dav.so' '#LoadModule dav_fs_module modules/mod_dav_fs.so' If there is a critical need for WebDAV, extra care should be taken in its ...

Restrict Access to Kernel Message Buffer
To set the runtime status of the 'kernel.dmesg_restrict' kernel parameter, run the following command:

Specify a Remote NTP Server
To specify a remote NTP server for time synchronization, edit the file '/etc/ntp.conf'. Add or correct the following lines, substituting the IP or hostname of a remote NTP server for

Ensure gpgcheck Enabled For All Yum Package Repositories
To ensure signature checking is not disabled for any repos, remove any lines from files in '/etc/yum.repos.d' of the form: 'gpgcheck=0'

Specify Additional Remote NTP Servers
Additional NTP servers can be specified for time synchronization in the file '/etc/ntp.conf'. To do so, add additional lines of the following form, substituting the IP address or hostname of a remote NTP server for

Restrict NFS Clients to Privileged Ports
By default, the server NFS implementation requires that all client requests be made from ports less than 1024. If your organization has control over machines connected to its network, and if NFS requests are prohibited at the border firewall, this offers some protection against malicious requests from unprivileged users. Therefore, the default should not b ...

