Wednesday, December 30, 2009

Solaris 10 hardening

a few step..

1.NTP

To configure NTP on a Solaris server:

1. Create the file /etc/inet/ntp.conf with the following entries: ( using VI )
server 128.83.185.40
server 128.83.185.41
driftfile /etc/ntp.drift
2. Create the file /etc/ntp.drift with the following entry:
0.0
3. Restart the NTP service by issuing the following commands:
/etc/rc2.d/S74xntd stop
/etc/rc2.d/S74xntd start

2.SSH
sshd config file for the entire server is in /etc/ssh/sshd_config
like linux disable the permitrootlogin
also IgnoreRhosts yes


To stop and start sshd:

svcadm disable ssh
svcadm enable ssh

3.Terminal Audit trail1. Login as root
2. Type "touch /var/adm/loginlog" and press Return.
3. Type "chmod 700 /var/adm/loginlog" and press Return.
4. Type "chgrp sys /var/adm/loginlog" and press Return.
5. Make sure the log works by trying to log in to the system six times with the wrong password.
6. Type "more /var/adm/loginlog" and review the output to make sure the login attempts are being logged successfully
Posted by at No comments:
Labels:

How to install yum

how to install yum on Red Hat Enterprise Linux 4

This case applies to most Red Hat Enterprise Linux 4, from i386 to i686 machines, i’ve successfully used it on our Red Hat Enterprise Linux ES release 4 (Nahant Update 6):
To use it for other systems / architectures, check the packages given at (check).
1. Get the main packages
(check) http://dag.wieers.com/rpm/packages/yum/
(REDHAT 4 )
$wget http://dag.wieers.com/rpm/packages/yum/yum-2.4.2-0.4.el4.rf.noarch.rpm

(redhat 3)
$wget http://dag.wieers.com/rpm/packages/yum/yum-2.0.8-0.1.el3.rf.noarch.rpm
(check) http://rpmfind.net/linux/rpm2html/search.php?query=libsqlite.so.0&submit=Search+…&system=&arch=
$wget ftp://fr2.rpmfind.net/linux/PLD/dists/ac/ready/i386/libsqlite-2.8.15-1.i386.rpm
(check) http://rpmfind.net/linux/rpm2html/search.php?query=python-elementtree&submit=Search+…&system=&arch=
$wget ftp://rpmfind.net/linux/dag/redhat/el4/en/i386/dag/RPMS/python-elementtree-1.2.6-7.el4.rf.i386.rpm
(check) http://rpmfind.net/linux/rpm2html/search.php?query=python-sqlite&submit=Search+…&system=&arch=
$wget ftp://rpmfind.net/linux/dag/redhat/el4/en/i386/dag/RPMS/python-sqlite-0.5.0-1.2.el4.rf.i386.rpm
(check) http://rpmfind.net/linux/rpm2html/
search.php?query=urlgrabber&submit=Search+…&system=&arch=
$wget ftp://rpmfind.net/linux/dag/redhat/el4/en/x86_64/dag/RPMS/python-urlgrabber-2.9.7-1.2.el4.rf.noarch.rpm
2. Install Rpm’s
$rpm -ivh libsqlite-2.8.15-1.i386.rpm
$rpm -ivh python-elementtree-1.2.6-7.el4.rf.i386.rpm
$rpm -ivh python-sqlite-0.5.0-1.2.el4.rf.i386.rpm
$rpm -ivh python-urlgrabber-2.9.7-1.2.el4.rf.noarch.rpm
$rpm -ivh yum-2.4.2-0.4.el4.rf.noarch.rpm
3. Setup the Repository
(check) http://dag.wieers.com/rpm/packages/rpmforge-release/
$wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el4.rf.i386.rpm
$rpm -ivh rpmforge-release-0.3.6-1.el4.rf.i386.rpm
4. Yum update all packages
$yum update


------

syn
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)