
Linux Hardening

Mark (202891C)
Table of contents

• Password hardening
• Block USB port
• Firewall
• Upgrade Ubuntu Packages
• Checking connections in the system
Password Complexity

cisco@ubuntu:~$ sudo apt-get install libpam-pwquality


cisco@ubuntu:~$ sudo nano /etc/pam.d/common-password
password requisite pam_pwquality.so retry=3 ucredit=-1 dcredit=-1 ocredit=-1 minclass=2
[ucredit: uppercase, dcredit: lowercase, ocredit: other letters, minclass: min num of classes of characters(1,a,$)]
Password Minimum Length

cisco@ubuntu:~$ sudo nano /etc/pam.d/common-password


password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512 minlen=5
Remember Previous Passwords

• cisco@ubuntu:~$ sudo nano /etc/pam.d/common-password


• password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512 minlen=5 remember=5
Password Aging (New users)
cisco@ubuntu:~$ sudo nano /etc/login.defs
PASS_MAX_DAYS 14
PASS_MIN_DAYS 1
PASS_WARN_AGE 5
Password Aging (Old users)

cisco@ubuntu:~$ sudo chage -M 14 (username) [max]
cisco@ubuntu:~$ sudo chage -m 1 (username) [min]
cisco@ubuntu:~$ sudo chage -W 5 (username) [warn]
cisco@ubuntu:~$ sudo chage -l (username) [show settings]
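
Added example (not part of the original slides): because /etc/login.defs only affects accounts created after the change, this script lists existing accounts whose aging fields still differ from the policy and therefore need chage. The function names and the sample files are assumptions constructed for illustration.

```bash
#!/bin/bash
# Added example: find existing accounts whose password aging differs from
# the login.defs policy (login.defs applies only to newly created users).

# Print the value of KEY in a login.defs-style file; commented lines are
# ignored and the last active setting wins.
defs_value() {  # usage: defs_value FILE KEY
    awk -v k="$2" '$1 == k { v = $2 } END { print v }' "$1"
}

# Print accounts in a shadow-format file whose aging fields differ.
# Shadow fields: 1=name 2=hash 4=min days 5=max days 6=warn days.
# Accounts whose hash field is empty or starts with ! or * are skipped.
aging_drift() {  # usage: aging_drift LOGIN_DEFS SHADOW
    awk -F: -v max="$(defs_value "$1" PASS_MAX_DAYS)" \
            -v min="$(defs_value "$1" PASS_MIN_DAYS)" \
            -v warn="$(defs_value "$1" PASS_WARN_AGE)" '
        $2 == "" || $2 ~ /^[!*]/ { next }
        $4 != min || $5 != max || $6 != warn {
            printf "%s min=%s max=%s warn=%s\n", $1, $4, $5, $6
        }' "$2"
}

# Constructed sample files (not from a real system): the slide's policy and
# four accounts, two of them without a usable password.
demo() {
    d=$(mktemp -d)
    printf 'PASS_MAX_DAYS 14\nPASS_MIN_DAYS 1\nPASS_WARN_AGE 5\n' > "$d/login.defs"
    cat > "$d/shadow" <<'EOF'
root:!:19000:0:99999:7:::
olduser:$6$constructed$hash:19000:0:99999:7:::
newuser:$6$constructed$hash:19500:1:14:5:::
daemon:*:19000:0:99999:7:::
EOF
    aging_drift "$d/login.defs" "$d/shadow"
    rm -r "$d"
}

demo   # prints: olduser min=0 max=99999 warn=7
```

On a live system, run aging_drift /etc/login.defs /etc/shadow as root and apply chage -M, -m and -W to each account it lists.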
Block USB port

Code:
• cisco@ubuntu:~$ sudo vim /etc/modprobe.d/blacklist.conf
• blacklist usb-storage
• cisco@ubuntu:~$ sudo vim /etc/rc.local
• modprobe -r usb-storage
In /etc/modprobe.d/blacklist.conf using vim

In /etc/rc.local
Activate Firewall
• Ufw: Uncomplicated Firewall
Was previously downloaded but not activated.
Upgrade Ubuntu packages to latest version
• cisco@ubuntu:~$ sudo apt-get upgrade (update packages)
• cisco@ubuntu:~$ sudo apt-get update (check updates)
Check connections in the system (method)

• cisco@ubuntu:~$ netstat -antp


• To see if there are any connections to the server that are not authorised or not needed.
Future enhancements

• Set the time to sync automatically from outside the VM, for an accurate time and date when using other resources in the VM such as Firefox.
• If the update does not reset my progress, update the Ubuntu server.
Thank you
