¿ìËÙÒµÎñͨµÀ

linux:linuxϵͳ°²È«Ïê½â

×÷Õß ØýÃû¼¼Êõ À´Ô´ Linuxϵͳ ä¯ÀÀ ·¢²¼Ê±¼ä 2012-04-18
·ÀÖ¹DOSÀàÐ͹¥»÷.
ÐèÒª±à¼­Îļþ
[root@tp /]# vi /etc/security/limits.conf
...
(ÕâÈýÐÐÊÇÌí¼ÓµÄ)
* hard core 0 ½ûÖ¹´´½¨coreÎļþ
* hard rss 5000 ÆäËûÓû§(³ýroot)×î¶àʹÓÃ5MÄÚ´æ
* hard nproc 20 ×î¶à½ø³ÌÊýÏÞÖÆÔÚ20
×¢:*±íʾËùÓеǽµ½linuxµÄÓû§.
# End of file
[root@tp /]# vi /etc/pam.d/login
...
ÔÚÎļþĩβ¼ÓÈëÏÂÃæÒ»ÐÐ
session required /lib/security/pam_limits.so
2,ÏÞÖÆ¿ØÖÆ̨µÄ·ÃÎÊ
[root@tp /]# vi /etc/securetty
...
ÎÒÃÇ×¢Ê͵ô
tty1
# tty2
# tty3
# tty4
# tty5
# tty6
Ö»ÁôÏÂtty1,Õâʱ,root½ö¿ÉÔÚtty1Öն˵Ǽ
3,½ûÖ¹ÍâÀ´pingÇëÇó.
[root@tp /]# vi /etc/rc.d/rc.local
...
ÔÚ¼ÓÈëÒ»ÐÐ
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
4,·ÀÖ¹IPµØÖ·ÆÛÆ­
[root@tp /]# vi /etc/host.conf
¼ÓÈëÈçϼ¸ÐÐ
order bind,hosts
multi off
nospoof on
5,½ûÖ¹suÃüÁî½øÈëroot(ÕâÒ»²¿ÎÒ·´¸´²âÊÔ×ÜÊDz»³É¹¦,group×éÀïµÄÓû§ÒÀÈ»²»ÄÜsu³ÉrootÓû§.Ï£ÍûÖªµÀµÄÅó ÓѸæËßÎÒ,лл)
[root@tp pam.d]# vi /etc/pam.d/su
...
ÔÚÏÂÃæ¼ÓÈëÈçÏÂÁ½ÐÐ
auth sufficient /lib/security/pam_rootok.so debug
auth required /lib/security/pam_wheel.so group=xxx
Õâ±íʾֻÓÐxxx×éµÄÓû§¿ÉÒÔsu³Éroot.
6,ʹÓÃTCP_WRAPPER
ÔÚĬÈÏÇé¿öÏÂlinuxϵͳÔÊÐíËùÓÐÇëÇó,¿ÉÓÃTCP_WRAPPERÔöÇ¿°²È«ÐÔ,
ÔÚ/etc/hosts.denyдÈë"ALL:ALL"½ûÖ¹ËùÓÐÇëÇó
[root@tp etc]# vi /etc/hosts.deny
#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the ''/usr/sbin/tcpd'' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow. In particular
# you should know that NFS uses portmap!
"ALL:ALL"
°ÑÔÊÐí·ÃÎʵĿͻ§,»ò·þÎñÌí¼Óµ½/etc/hosts.allow,ðºÅ×ó±ßΪ·þÎñ,ðºÅÓÒ±ßΪÊÚȨµÄ»úÆ÷
[root@tp etc]# vi /etc/hosts.allow
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the ''/usr/sbin/tcpd'' server.
#
vsftp:211.101.46.253 ×¢:½öÈçÐíIPµØַΪ211.101.46.253µÄ»úÆ÷·ÃÎÊFIP·þÎñÆ÷
7£®É¾¼õµÇ¼ÐÅÏ¢
[root@tp ~]# rm -f /etc/issue
[root@tp ~]# rm -f /etc/issue.net
[root@tp ~]# touch /etc/issue
[root@tp ~]# touch /etc/issue.net

Î塢ȷ±£¿ªÆô·þÎñµÄ°²È«ÐÔ
ÎÒÃÇÏÈÀ´¿´Ò»ÏÂ×Ô¼ºÏµÍ³¿ªÆôÁ˶àÉÙ·þÎñ.
[root@tp ~]# ps -eaf | wc -l
55
ÎÒµÄÊÇ55
ÎÒÃÇ¿ÉÒÔͨ¹ýµ±Ç°µÄ½ø³ÌÀïÔÚÀ´¿´Ò»Ï¶¼ÊÇʲô·þÎñ
[root@tp ~]# ps -aux
Warning: bad syntax, perhaps a bogus ''-''? See /usr/share/doc/procps-3.2.3/FAQ
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.2 2592 560 ? S 21:02 0:00 init [3]
root 2 0.0 0.0 0 0 ? SN 21:02 0:00 [ksoftirqd/0]
root 3 0.0 0.0 0 0 ? S< 21:02 0:00 [events/0]
root 4 0.0 0.0 0 0 ? S< 21:02 0:00 [khelper]
root 5 0.0 0.0 0 0 ? S< 21:02 0:00 [kacpid]
root 20 0.0 0.0 0 0 ? S< 21:02 0:00 [kblockd/0]
root 30 0.0 0.0 0 0 ? S 21:02 0:00 [pdflush]
root 31 0.0 0.0 0 0 ? S 21:02 0:00 [pdflush]
root 33 0.0 0.0 0 0 ? S< 21:02 0:00 [aio/0]
root 21 0.0 0.0 0 0 ? S 21:02 0:00 [khubd]
root 32 0.0 0.0 0 0 ? S 21:02 0:00 [kswapd0]
root 107 0.0 0.0 0 0 ? S 21:02 0:00 [kseriod]
root 181 0.0 0.0 0 0 ? S< 21:03 0:00 [kmirrord]
root 182 0.0 0.0 0 0 ? S< 21:03 0:00 [kmir_mon]
root 190 0.0 0.0 0 0 ? S 21:03 0:00 [kjournald]
root 1085 0.0 0.1 2604 444 ? S&l

ÁèÖڿƼ¼×¨ÒµÌṩ·þÎñÆ÷×âÓᢷþÎñÆ÷Íйܡ¢ÆóÒµÓʾ֡¢ÐéÄâÖ÷»úµÈ·þÎñ£¬¹«Ë¾ÍøÕ¾£ºhttp://www.lingzhong.cn ΪÁ˸ø¹ã´ó¿Í»§Á˽â¸ü¶àµÄ¼¼ÊõÐÅÏ¢£¬±¾¼¼ÊõÎÄÕÂÊÕ¼¯À´Ô´ÓÚÍøÂç,ÁèÖڿƼ¼×ðÖØÎÄÕÂ×÷ÕߵİæȨ£¬Èç¹ûÓÐÉæ¼°ÄãµÄ°æȨÓбØҪɾ³ýÄãµÄÎÄÕ£¬ÇëºÍÎÒÃÇÁªÏµ¡£ÒÔÉÏÐÅÏ¢ÓëÎÄÕÂÕýÎÄÊDz»¿É·Ö¸îµÄÒ»²¿·Ö,Èç¹ûÄúҪתÔر¾ÎÄÕÂ,Çë±£ÁôÒÔÉÏÐÅÏ¢£¬Ð»Ð»!

·ÖÏíµ½£º ¸ü¶à
HTTP/1.1 401 Access Denied ÌÈëÃÅÍø" target="_blank">iBATIS 3ÄÚµÄÐÂÌØÐÔ£º½«iBATISÓÃ×÷Ó¦ÓóÌÐòÄÚµÄÒ»Öֳ־ÿò¼Ü - ±à³ÌÈëÃÅÍø
  • Photoshop»æÖƸ߹âË®¾§ÖʸÐË®¾§Æ»¹û
  • Copyright ©1999-2011 ÏÃÃÅÁèÖڿƼ¼ÓÐÏÞ¹«Ë¾ ÏÃÃÅÓÅͨ»¥Áª¿Æ¼¼¿ª·¢ÓÐÏÞ¹«Ë¾ All rights reserved

    µØÖ·(ADD)£ºÏÃÃÅÈí¼þÔ°¶þÆÚÍûº£Â·63ºÅ701E£¨¶«ÄÏÈÚͨÅÔ£© Óʱà(ZIP)£º361008

    µç»°£º0592-5908028 ´«Õ棺0592-5908039 ×ÉѯÐÅÏ䣺web@lingzhong.cn ×ÉѯOICQ£º173723134

    ¡¶ÖлªÈËÃñ¹²ºÍ¹úÔöÖµµçÐÅÒµÎñ¾­ÓªÐí¿ÉÖ¤¡·ÃöB2-20100024  ICP±¸°¸:ÃöICP±¸05037997ºÅ