Securing-Optimizing-RH-Linux-1_2_57
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®
This firewall rule allows outgoing UDP packets on port 514 (the syslog port) from the local server
to the remote syslog server to be accepted. For more information on firewalls, see
chapter 7, Networking firewall.
NOTE: Never use your Gateway Server as a host to control all syslog messages; this is a very bad
idea. More options and strategies exist with the sysklogd program; see the man pages for
sysklogd(8), syslog(2), and syslog.conf(5) for more information.
30. Fix the permissions under /etc/rc.d/init.d directory for script files
Fix the permissions of the script files that are responsible for starting and stopping all the normal
processes that need to run at boot time.
[root@deep /]# chmod -R 700 /etc/rc.d/init.d/*
This means that only root is allowed to read, write, and execute the script files in this directory. I don't
think regular users need to know what is inside those script files.
NOTE: If you install a new program or update a program that uses a System V init script located
under the /etc/rc.d/init.d/ directory, don't forget to change or verify the permissions of this script file
again.
31. The /etc/rc.d/rc.local file
By default, when you log in to a Linux box, it tells you the Linux distribution name, version, kernel
version, and the name of the server. This gives away too much information. We would rather just prompt
users with a "Login:" prompt.
Step 1
To do this, edit the "/etc/rc.d/rc.local" file and place "#" in front of the following lines, as shown:
--
# This will overwrite /etc/issue at every boot. So, make any changes you
# want to make to /etc/issue here or you will lose them when you reboot.
#echo "" > /etc/issue
#echo "$R" >> /etc/issue
#echo "Kernel $(uname -r) on $a $(uname -m)" >> /etc/issue
#
#cp -f /etc/issue /etc/issue.net
#echo >> /etc/issue
--
Step 2
Then, remove the files issue.net and issue under the /etc directory:
[root@deep /]# rm -f /etc/issue
[root@deep /]# rm -f /etc/issue.net
NOTE: The /etc/issue.net file is the login banner that users will see when they make a networked
(i.e. telnet, SSH) connection to your machine. You will find it in the /etc directory, along with a
similar file called "issue", which is the login banner that gets displayed to local users. It is simply a
text file and can be customized to your own tastes, but be aware that if you do change it or
remove it like we do, you'll also need to modify the /etc/rc.d/rc.local shell script, which re-creates
both the "issue" and "issue.net" files every time the system boots.
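One way to re-verify items 30 and 31 after installing or updating a package, given as an added example that is not part of the book: the function names and the --live flag are hypothetical, and each function accepts an alternative path so it can be tried on a copy first.

```bash
#!/bin/bash
# Added example, not from the book. Paths default to the ones used on this
# page; each function takes an alternative path so it can be run on a copy.

# Item 30: list regular files under DIR whose mode is not exactly 700.
# Returns 0 if all comply, 1 if any differ, 2 if DIR is missing.
check_initd_perms() {
    cip_dir=${1:-/etc/rc.d/init.d}
    [ -d "$cip_dir" ] || { echo "no such directory: $cip_dir" >&2; return 2; }
    cip_bad=$(find "$cip_dir" -type f ! -perm 700 -print)
    [ -z "$cip_bad" ] && return 0
    printf 'mode is not 700:\n%s\n' "$cip_bad"
    return 1
}

# Item 31: list active (uncommented) lines in FILE that mention /etc/issue,
# which also covers /etc/issue.net. Returns 0 if none remain, 1 if some do,
# 2 if FILE is missing.
check_rclocal_banner() {
    crb_file=${1:-/etc/rc.d/rc.local}
    [ -f "$crb_file" ] || { echo "no such file: $crb_file" >&2; return 2; }
    crb_hits=$(grep -nE '^[[:space:]]*[^#[:space:]].*/etc/issue' "$crb_file" || true)
    [ -z "$crb_hits" ] && return 0
    printf 'still rewrites the banner:\n%s\n' "$crb_hits"
    return 1
}

# Audit the live system only when asked to, by passing --live.
if [ "${1:-}" = "--live" ]; then
    check_initd_perms; r1=$?
    check_rclocal_banner; r2=$?
    [ "$r1" -eq 0 ] && [ "$r2" -eq 0 ] && echo "OK"
fi
```

The grep output is prefixed with line numbers, so any line reported for rc.local is one that still needs a "#" in front of it.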