Server security Tips and Tricks
1) Make Sure No Non-Root Accounts Have UID Set To 0
awk -F: ‘($3 == “0”) {print}’ /etc/passwd
2) World-Writable Files
find /dir -xdev -type d \( -perm -0002 -a ! -perm -1000 \) -print
Description : Anyone can modify world-writable file resulting into a security issue. Use the following command to find all world writable and sticky bits set files:
3) Disable Unwanted Services
chkconfig –list | grep ‘3:on’
Description : Type the above command to list all services which are started at boot time in run level # 3
4) Nobody Filesfind /dir -xdev \( -nouser -o -nogroup \) -print
Description : Files not owned by any user or group can pose a security problem. Just find them with the following command which do not belong to a valid user and a valid group
5) Find Listening Network Portsnetstat -tulpn
Description : Use the above command to list all open ports and associated programs:
OR
nmap -sT -O localhost
nmap -sT -O server.example.com