SoFunction
Updated on 2025-04-14

System security commands that must be learned in Linux, page 3/4


Limiting abuse of the su command
The superuser has the greatest privileges on a Linux system, and obtaining them is the goal of almost every hacker. Linux can restrict who is allowed to switch to the superuser. Use PAM (Pluggable Authentication Modules) to prohibit anyone outside the wheel group from using su to become root: edit the /etc//su file and remove the leading # that masks the relevant lines. Then use /usr/sbin/usermod -G10 bjecadm to add the bjecadm account to the group with gid 10, which is the wheel group. The configuration and the command are as follows:
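# File: /etc//su
# Verify using password
auth sufficient /lib/security/pam_wheel.so debug
# Only users in the wheel group may switch to root
auth required /lib/security/pam_wheel.so use_uid

# Add bjecadm to the wheel group (gid 10).
# Note: -G without -a replaces the account's existing supplementary groups.
/usr/sbin/usermod -G10 bjecadm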
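A check for the configuration above, as an added example that is not part of the original article: it reports whether a su PAM file still has the pam_wheel restriction masked by #, and lists the members of the gid 10 group. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): audit the su/pam_wheel restriction.
# Function names and sample data below are constructed for illustration.

# Read a su PAM file on stdin; print enforced | commented | missing.
wheel_status() {
    awk '
        # Active line: auth required|requisite [path/]pam_wheel.so
        /^[ \t]*auth[ \t]+(required|requisite)[ \t]+([^ \t]*\/)?pam_wheel\.so/ { active = 1 }
        # Same line still masked by a leading "#"
        /^[ \t]*#[ \t]*auth[ \t]+(required|requisite)[ \t]+([^ \t]*\/)?pam_wheel\.so/ { masked = 1 }
        END {
            if (active)      print "enforced"
            else if (masked) print "commented"
            else             print "missing"
        }'
}

# Read /etc/group-format lines on stdin; print the member list of gid 10.
wheel_members() {
    awk -F: '$3 == 10 { print $4 }'
}

# Constructed sample: restriction still commented out.
sample_pam_masked() {
    cat <<'EOF'
auth sufficient /lib/security/pam_rootok.so
#auth required /lib/security/pam_wheel.so use_uid
EOF
}

# Constructed sample: restriction enabled as in the article.
sample_pam_enabled() {
    cat <<'EOF'
auth sufficient /lib/security/pam_wheel.so debug
auth required /lib/security/pam_wheel.so use_uid
EOF
}

# Constructed sample group file.
sample_group() {
    printf '%s\n' 'root:x:0:' 'wheel:x:10:root,bjecadm' 'users:x:100:'
}

echo "masked file:  $(sample_pam_masked | wheel_status)"
echo "enabled file: $(sample_pam_enabled | wheel_status)"
echo "wheel (gid 10) members: $(sample_group | wheel_members)"
```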

In addition, whenever a user tries to become a system user with the su command, su writes a message to the /usr/adm/sulog file. If the file records a large number of failed attempts to become root with su, someone may be trying to crack the root password.
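The sulog review described above, as an added example that is not part of the original article: it counts failed su attempts to root per originating account. It assumes the traditional sulog line layout `SU MM/DD HH:MM +|- tty from-to` (check this against the file on your system); the function names, the threshold and the log lines are constructed.

```shell
#!/bin/sh
# Added example (not from the article): flag repeated failed su-to-root attempts.
# Assumed sulog layout: SU MM/DD HH:MM +|- tty from-to   ("-" marks a failure)

# stdin: sulog lines; $1: minimum failures to report (default 3).
# Output: "<count> <account>" lines, highest count first.
failed_root_su() {
    awk -v min="${1:-3}" '
        # Keep only failed attempts whose target account is root
        $1 == "SU" && $4 == "-" && $6 ~ /-root$/ {
            # Strip the trailing "-root"; the source name may itself contain "-"
            from = substr($6, 1, length($6) - 5)
            fails[from]++
        }
        END {
            for (u in fails)
                if (fails[u] >= min + 0)
                    printf "%d %s\n", fails[u], u
        }' | sort -k1,1nr -k2,2
}

# Constructed sample log lines.
sample_sulog() {
    cat <<'EOF'
SU 04/14 15:40 + pts/0 bjecadm-root
SU 04/14 15:41 - pts/1 guest-root
SU 04/14 15:41 - pts/1 guest-root
SU 04/14 15:42 - pts/1 guest-root
SU 04/14 15:43 - pts/2 web-admin-root
SU 04/14 15:44 - pts/1 guest-root
SU 04/14 15:45 - pts/3 guest-oracle
EOF
}

sample_sulog | failed_root_su 3
```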

Linux commands are powerful. Linux system administrators often only need to combine various security command techniques to form a line of defense. From the perspective of computer security, there is no absolutely secure computer system in the world, and Linux systems are no exception.





Must-read for Linux beginners: common Linux commands for entering and exiting the system
Enter Linux system:
You must enter the user's account. During the system installation process, you can create the following two accounts:
1. root--Super user account (system administrator), you can do anything in the system using this account.
2. Ordinary user--This account is for ordinary users and can perform limited operations.
General Linux users are ordinary users, while system administrators generally use the superuser account to complete system management work. If a task can be completed with a normal account, it is recommended not to use the superuser account, to avoid accidentally damaging the system and affecting its normal operation.
User login is divided into two steps: the first step is to enter the user's login name, and the system recognizes the user based on the login name; the second step is to enter the user's password, which is a string set by the user and kept secret from other users. The system uses it to distinguish genuine users from impostors at login.
When the user correctly enters the user name and password, he or she can enter the system legitimately. The screen displays:
[root@loclhost /root] # 
At this time, you can do various operations on the system. Note that the prompt for the super user is "#", and the prompt for other users is "$".

Modify password
To better protect the security of user accounts, Linux allows users to change their passwords at any time. The command to change a password is passwd. It prompts the user to enter the old password and the new password, and then asks the user to confirm the new password again in case a wrong key was pressed by accident. A user who forgets the password can ask the system administrator to reset it.

Virtual console
Linux is a true multi-user operating system that can accept multiple user logins at the same time. Linux also allows one user to log in multiple times, because Linux, like UNIX, provides virtual consoles, allowing users to log in several times from the console at the same time. A virtual console is selected by pressing the Alt key and a function key, usually F1-F6. For example, after logging in, press Alt-F2 and a "login:" prompt appears, indicating that the user is now on the second virtual console. Press Alt-F1 to go back to the first virtual console. A newly installed Linux system allows users to access the first six virtual consoles by default using the Alt-F1 to Alt-F6 keys. Virtual consoles let users work on multiple consoles at the same time, truly reflecting the multi-user character of the Linux system. The user can switch to another virtual console to start another job before the current work is finished.

Exit the system
Whether it is a super user or an ordinary user, when you need to exit the system, type the exit command at the shell prompt.





Commonly used commands for getting started with Linux
Copy, delete and move Linux files commands

cp command
The function of this command is to copy the given file or directory to another file or directory. It is like the copy command under MSDOS, and it has very powerful functions.

Syntax: cp [Options] Source file or directory Target file or directory

Description: This command copies the specified source file to the target file or copies multiple source files to the target directory.

The meaning of the options of this command is as follows:

-a This option is usually used when copying directories. It retains links and file attributes and copies directories recursively; it is equivalent to the combination of the dpR options.

-d Keep links when copying.

-f Delete an existing target file without prompting.

-i The opposite of the -f option: the user is prompted for confirmation before the target file is overwritten. The target file is overwritten only when the answer is y. This is an interactive copy.

-p In addition to copying the contents of the source file, cp also copies its modification time and access permissions to the new file.

-r If the source file given is a directory, cp recursively copies all subdirectories and files in that directory. In this case the target must be a directory name.

-l Do not copy; just create links to the files.

Note that if the target file name specified by the user already exists, copying with the cp command overwrites that file with the source file. To avoid inadvertently destroying another file with cp, it is recommended to use the -i option when copying files with the cp command.




mv command

Users can use the mv command to rename files or directories or move files from one directory to another. This command is like the combination of ren and move under MSDOS.

Syntax: mv [Options] Source file or directory Target file or directory

Description: Depending on the type of the second parameter in the mv command (a target file or a target directory), mv either renames the file or moves it to a new directory. When the second parameter is a file, mv performs a rename. In this case there can be only one source file (or source directory name), and the given source file or directory is renamed to the given target file name. When the second parameter is the name of an existing directory, there can be multiple source file or directory parameters, and mv moves the source files specified by each parameter to the target directory. When moving files across file systems, mv first copies them and then deletes the original file, and links to the file are lost.

The meaning of each option in the command is:

-i Interactive operation. If the mv operation would overwrite an existing target file, the system asks whether to overwrite it and requires the user to answer y or n, which avoids accidentally overwriting the file.

-f Disable interaction. No prompt is given when the mv operation is about to overwrite an existing target file. When this option is specified, the -i option no longer has any effect.

If the given target file (not a directory) already exists, its contents are overwritten by the new file. To avoid destroying another file with the mv command, it is best to use the -i option when moving files with mv.



rm command

Users can use the rm command to delete unnecessary files. This command deletes one or more files or directories in a directory. It can also delete all files and subdirectories under a directory. For linked files, only the link is removed and the original file remains unchanged.

The general form of the rm command is:

rm [Options] File…

If the -r option is not used, rm will not delete directories.

The meaning of the options of this command is as follows:

-f Ignore non-existent files and never prompt.

-r Instruct rm to recursively delete all directories and subdirectories listed in the parameters.

-i Perform interactive deletion.

Be careful when using the rm command, because once a file is deleted it cannot be restored. To prevent accidents, you can use the -i option to confirm the files to be deleted one by one. If the user enters y, the file is deleted. If anything else is entered, the file is not deleted.




Linux directory creation and deletion command
mkdir command

Function: Create a directory (similar to the md command under MSDOS).

Syntax: mkdir [Options] dir-name

Description: This command creates a directory named dir-name. The user creating the directory must have write permission in the current directory (the parent directory of dir-name), and dir-name cannot be the name of a directory or file that already exists in the current directory.

The meaning of each option in the command is:

-m Set access permissions for the new directory. You can also use the chmod command to set them.

-p The name can be a path. If some directories in the path do not exist yet, this option makes the system create them automatically, so multiple directories can be created at once.



rmdir command

Function: Delete empty directory.

Syntax: rmdir [Options] dir-name

Description: dir-name is the directory name. This command deletes one or more subdirectory entries from a directory. Note that a directory must be empty before it can be deleted. The rm -r dir command can replace rmdir, but it is dangerous. You must also have write permission on the parent directory when deleting a directory.

The meaning of each option in the command is:

-p Recursively delete the directory dir-name. When the child directory is deleted, its parent directory is also deleted. If the entire path is deleted, or part of the path is retained for some reason, the system displays the corresponding information on standard output.



cd command

Function: Change the working directory.

Syntax: cd [directory]

Description: This command changes the current directory to the directory specified in the directory. If the directory is not specified, it will return to the user's home directory. In order to change to a specified directory, the user must have execution and read permissions to the specified directory.

This command can use wildcard characters (see Chapter 10 for the meaning of wildcard characters).
