Skip to content

General linux security (Sambungan)

November 11, 2007

Disable Ctrl+Alt+Del

Untuk mendisable-nya

[root@lp3tnf13 ~]# vi /etc/inittab

============================
.
.
.
#Trap CTRL-ALT-DELETE
# beri tanda “#” untuk mendisable-nya.
#ca::ctrlaltdel:/sbin/shutdown -t3 -r now
.
.
=============================

Set Timeout Login

[root@lp3tnf13 ~]# vi /etc/profile
atau
[root@lp3tnf13 ~]# vi /etc/bashrc

====================================

USER=`id -un`
LOGNAME=$USER
MAIL=”/var/spool/mail/$USER”
HISTCONTROL=ignoredups
HOSTNAME=`/bin/hostname`
HISTSIZE=1000
TMOUT=3600 >>> Isi disini
if [ -z “$INPUTRC” -a ! -f “$HOME/.inputrc” ]; then
    INPUTRC=/etc/inputrc
fi

======================================

Set Attribute file

Melihat attribute file
lsattr /etc/passwd

Membuat Immutable file (file yang tidak dapat dihapus)
chattr ti /etc/passwd

Set quota per user
quota user

Set resource limits
/etc/security/limits.conf
===============================================================

hard     core   0           > set pembuatan file core = 0, jadi ga bisa mendisable instalasi
hard     rss    5000      > Set Penggunaan memory 5 MHz
hard      proc   20         > Set Penggunaan Proses, hanya 20 proses yang dilayani
================================================================

/etc /pam.d/login                                 >>> untuk mengaktifkan konfigurasi resource limit
session    required   pam_limits.so

Set Mounting file system
vi /etc/fstab

/dev/hda1     /            ext3         defaults    1   1
/dev/hda2    /home    ext3        defaults,ro,nosuid,noexec,nodev

keterangan :
1   1 = berarti menjalankan perintah backup dan fsck (scandisk)
ro=read only
nosuid = tidak boleh mejalankan program suid
noexec=tidak boleh meng-eksekusi file eksekusi
nodev=tidak boleh mounting

Powered by ScribeFire.

From → Linux

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: