March 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
25262728293031

Categories

March 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
25262728293031

RHEL 6 Security Guide

1. GRUB password

i. run as root with /sbin/grub-md5-crypt to get a MD5 hash. 
ii. add “password –md5 <password-hash>” below timeout line in /boot/grub/grub.conf 
iii. prees p when access grub menu

2. Administrative Controls for Root

Methods of Disabling the Root Account
Method Description Effects Does Not Affect
Changing the root shell. Edit the /etc/passwd file and change the shell from/bin/bash to /sbin/nologin.
Prevents access to the root shell and logs any such attempts.
The following programs are prevented from accessing the root account:
· login
· gdm
· kdm
· xdm
· su
· ssh
· scp
· sftp
Programs that do not require a shell, such as FTP clients, mail clients, and many setuid programs.
The following programs arenot prevented from accessing the root account:
· sudo
· FTP clients
· Email clients
Disabling root access via any console device (tty). An empty /etc/securetty file prevents root login on any devices attached to the computer.
Prevents access to the root account via the console or the network. The following programs are prevented from accessing the root account:
· login
· gdm
· kdm
· xdm
· Other network services that open a tty
Programs that do not log in as root, but perform administrative tasks through setuid or other mechanisms.
The following programs arenot prevented from accessing the root account:
· su
· sudo
· ssh
· scp
· sftp
Disabling root SSH logins. Edit the /etc/ssh/sshd_configfile and set thePermitRootLogin parameter tono.
Prevents root access via the OpenSSH suite of tools. The following programs are prevented from accessing the root account:
· ssh
· scp
· sftp
This only prevents root access to the OpenSSH suite of tools.
Use PAM to limit root access to services. Edit the file for the target service in the /etc/pam.d/directory. Make sure thepam_listfile.so is required for authentication.
Prevents root access to network services that are PAM aware.
The following services are prevented from accessing the root account:
· FTP clients
· Email clients
· login
· gdm
· kdm
· xdm
· ssh
· scp
· sftp
· Any PAM aware services
Programs and services that are not PAM aware.

 3. Checking Listening Ports

nmap -sT -O localhost ; netstat -atunp ; lsof -i

4. Access Control to Network Services Flowchart

iptables

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>