Professional Documents
Culture Documents
Warning: Each time you create a new user it'll throw an error, adduser: cannot open /etc/passwd or
something similar
#Edit /etc/pam.d/password-auth and add the following line at the top of auth section:
auth
required
unlock_time=900
required
pam_tally2.so
#Edit /etc/pam.d/system-auth and edit the pam_cracklib.so line to look like the following:
password requisite pam_cracklib.so try_first_pass retry=3 minlen=8 ucredit=1 dcredit=1
ocredit=1 lcredit=1
After updating the file execute, the following command to apply the changes:
authconfig --updateall
Install HIDS
#Install Tripwire and setup according to your requirements:
yum install tripwire
tripwire-setup-keyfiles
tripwire init
Install Antivirus
#Install ClamAV:
yum install clamav clamd (RPMforge, Atomic or EPEL repos required)
Setup NTP
#Install ntp if not already installed by issuing, yum install ntp and comment out all the existing time
servers and add your own in /etc/ntp.conf:
server serverip/domain iburst
After saving the file issue command, sysctl -p to apply the config
Note: You may or may not need to mail yourself the logs of Tripwire and ClamAV for which you'll
need to setup cron jobs. Youd want to sure only server admins have sudo rights on your servers and
even if others do have sudo rights, theyre limited to few specific commands only.
A sample banner:
*****************************************************************************
***
!!! WARNING !!!
***
*** THIS IS A PRIVATE AND PROPRIETARY SYSTEM. ANY UNAUTHORIZED ACCESS ***
*** TO OR MISUSE OF SYSTEMS OR DATA MAY RESULT IN CIVIL AND/OR CRIMINAL ***
*** PROSECUTION, EMPLOYEE DISCIPLINE UP TO AND INCLUDING DISCHARGE, OR
***
***
THE TERMINATION OF VENDOR/SERVICE CONTRACTS.
***
*****************************************************************************
***
!-!-! ACCESS AND USE OF THIS SYSTEM IS MONITORED !-!-!
***
*****************************************************************************