Differences between revisions 9 and 10
Revision 9 as of 2012-02-24 01:48:58
Size: 1347
Editor: ?zhoucn9999
Comment:
Revision 10 as of 2012-02-24 03:22:15
Size: 27
Editor: PaulWise
Comment: spam
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
#language en
~-[[DebianWiki/EditorGuide#translation|Translation(s)]]: none-~
----
The following are some system hardening recommendation from security auditor for default configuration of Debian GNU/Linux. You may apply if appropriate.

## If your page gets really long, uncomment this Table of Contents
## <<TableOfContents(2)>>

== Login Credential ==

/etc/login.defs: Enforce changing password after limited days

PASS_MAX_DAYS 93

/etc/ssh/sshd_config: Disable root login as many brute force attack target to 'root' user

PermitRootLogin no

/etc/pam.d/common-password: Enforce using strong password (Requires libpam-cracklib)

password required pam_unix.so nullok obscure md5 remember=11 min=6

== Miscellaneous ==

/etc/issue, /etc/issue.net: Set warning message and remove server identity such as OS version

WARNING: This system is restricted access to authorized person only.

## You can add other _helpful_ links here.
##== See also ==
##----

## If this page belongs to an existing Category, add it below.
## CategorySomething | CategoryAnother
----
CategorySystemSecurity CategorySystemSecurity
[[http://www.ebuysilver.com|wholesale silver jewelry]]
[[http://www.ebuysilver.com|silver jewelry]]
[[http://www.ebuysilver.com|925 silver]]
[[http://www.ebuysilver.com|wholesale jewelry]]
#redirect zh_CN/FrontPage