Server security Tips and Tricks

 

1) Make Sure No Non-Root Accounts Have UID Set To 0
awk -F: ‘($3 == “0”) {print}’ /etc/passwd

 

2) World-Writable Files

find /dir -xdev -type d \( -perm -0002 -a ! -perm -1000 \) -print

Description : Anyone can modify world-writable file resulting into a security issue. Use the following command to find all world writable and sticky bits set files:

 

3) Disable Unwanted Services

chkconfig –list | grep ‘3:on’

Description : Type the above command to list all services which are started at boot time in run level # 3
4) Nobody Files

find /dir -xdev \( -nouser -o -nogroup \) -print

Description : Files not owned by any user or group can pose a security problem. Just find them with the following command which do not belong to a valid user and a valid group
5) Find Listening Network Ports

netstat -tulpn

Description : Use the above command to list all open ports and associated programs:

OR
nmap -sT -O localhost
nmap -sT -O server.example.com