Step 1: Take the Machine Off the Network


If you have just installed the server s operating system it is likely that the current condition poses an unnecessary security risk. To minimize your exposure it is safest to take the server off the network until the services are tightened down. Merely unplug the Ethernet cable for now. It will get plugged in during step 8. If you cannot unplug the Ethernet cable, it is possible to temporarily disable the server s network interface by typing the following from a command prompt (as root):

 ifconfig  interface  down 

For example:

 ifconfig eth0 down 

Repeat this step for as many network interfaces as the server has.

start sidebar
Runlevels

Linux systems, like Unix systems, are designed for doing multiple tasks . A runlevel, or run state, as it is sometimes called, is a number between 1 and 6 that describes the role the system is playing. All the applications that are running at a runlevel are intended to work together. Easy transition between different configurations is considered one of the strengths that Linux systems have. Changing the machine runlevel is easy; it requires just one command, init . You can change the runlevel by typing init newrunlevel at the command line (as root). For example, init 6 would reboot the system since runlevel 6 is for reboot. The default runlevel your computer has is set in /etc/inittab on the line that looks like id:3:initdefault:. Servers with a text login have a default runlevel of 3, and servers with a graphic login have the default runlevel of 5. The difference between a text and graphical login is whether the X server is running. To maximize your server's available power, it makes good sense to have a default runlevel of 3 and to not be logged into the window manager for no reason for days at a time. Table 2-1 lists possible runlevels and what they mean.

Table 2-1: Runlevels

Runlevel

State

Shutdown

1

Single user mode

2

Multiuser without network

3

Multiuser text based

4

Multiuser with X server Slackware/BSD)

5

Multiuser with X server (Red Hat, SUSE, Debian)

6

Reboot

S

Single user (Slackware)

M

Multiuser (Slackware)

end sidebar
 



Hardening Linux
Hardening Linux
ISBN: 0072254971
EAN: 2147483647
Year: 2004
Pages: 113

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net