Binary I.T. Solutions, Inc.

Restrict root login on linux webservers

secure install-defaults

By default, many applications are installed with loose security settings. Tightening a few of them improves security considerably.


redhat, fedora, debian, bsd

Disable Direct ROOT login

In SSH


Code:

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original

Now edit /etc/ssh/sshd_config and make the following changes.

Change the line that says:


Code:

Protocol 2,1

To read as follows:


Code:

Protocol 2

Change the line that says:


Code:

# PermitRootLogin yes

To read as follows:


Code:

PermitRootLogin no

Restrict the use of SU command

Once you have disabled root SSH login, you should SSH in using a regular account and then run the su command to get root access. By default, this works for any user who runs su and enters the root password. Root access means absolute access, so it is recommended that you limit the usernames that can use the su command to get root access.

Linux systems have a group called wheel, so what we will do is make the username that you added above a member of the wheel group, and restrict su such that only the members of the wheel group can use su.

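To do this, type the following command as root (the -a option appends wheel to the user's existing supplementary groups instead of replacing them):


Code:

usermod -a -G wheel username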


Next, open the PAM configuration file for su, /etc/pam.d/su, in an editor and remove the comment [#] from the following line:


Code:

auth required /lib/security/pam_wheel.so use_uid

Doing this will permit only members of the administrative group wheel to have access to su.
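
To confirm that the edits above are in effect, the script below (an added example, not part of the original article) checks an sshd_config file and a PAM su file for the settings described. The function names and the sample files are constructed for illustration; it reads only the global section of sshd_config (lines before any Match block) and assumes whitespace-separated keyword and value.

```shell
#!/bin/sh
# Added example: audit the settings this article changes. Function names are hypothetical.

# Print the effective global value of an sshd_config keyword (lowercased).
# sshd uses the first uncommented occurrence; keywords are case-insensitive.
sshd_value() {  # usage: sshd_value FILE KEYWORD
    awk -v key="$2" '
        $1 ~ /^#/ { next }                          # commented-out lines have no effect
        tolower($1) == "match" { exit }             # only the global section is read here
        tolower($1) == tolower(key) { print tolower($2); exit }
    ' "$1"
}

# Return 0 only when root login is disabled and only protocol 2 is offered.
check_sshd() {  # usage: check_sshd FILE
    rc=0
    [ "$(sshd_value "$1" PermitRootLogin)" = "no" ] || { echo "FAIL: PermitRootLogin is not 'no'"; rc=1; }
    [ "$(sshd_value "$1" Protocol)" = "2" ] || { echo "FAIL: Protocol is not '2'"; rc=1; }
    return "$rc"
}

# Return 0 when su is restricted by an uncommented pam_wheel.so "auth required" line.
check_su_wheel() {  # usage: check_su_wheel FILE
    grep -Eq '^[[:space:]]*auth[[:space:]]+required[[:space:]]+([^[:space:]]*/)?pam_wheel\.so' "$1" \
        || { echo "FAIL: pam_wheel.so line is missing or commented out"; return 1; }
}

# Constructed sample files (not taken from a real host) so the script runs anywhere.
demo=$(mktemp -d)
printf '%s\n' 'Protocol 2,1' '# PermitRootLogin yes' > "$demo/sshd_before"
printf '%s\n' 'Protocol 2' 'PermitRootLogin no' > "$demo/sshd_after"
printf '%s\n' '#auth required /lib/security/pam_wheel.so use_uid' > "$demo/su_before"
printf '%s\n' 'auth required /lib/security/pam_wheel.so use_uid' > "$demo/su_after"
for state in before after; do
    echo "== $state =="
    bad=0
    check_sshd "$demo/sshd_$state" || bad=1
    check_su_wheel "$demo/su_$state" || bad=1
    if [ "$bad" -eq 0 ]; then echo "OK: matches the hardened settings"; fi
done
rm -rf "$demo"
```

On a real host, pass /etc/ssh/sshd_config and /etc/pam.d/su to the two check functions. Keep an existing root session open until a fresh login as the regular user followed by su has been confirmed to work.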

Obtained from:
www.hungerfordwebdesign.com/blog/xss-and...on-linux-webservers/
