Scribd
Upload
62 views1 page

Linux Lab 18 Securing Hosts

This document provides instructions for securing hosts on a Linux system. It covers configuring TCP wrappers and the xinetd super daemon to control access, and setting up remote logging. Steps are provided to block specific IP addresses from SSH, create a custom finger daemon, and configure remote logging and log rotation.

Uploaded by

smile4ever54
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF or read online on Scribd
62 views1 page

Linux Lab 18 Securing Hosts

This document provides instructions for securing hosts on a Linux system. It covers configuring TCP wrappers and the xinetd super daemon to control access, and setting up remote logging. Steps are provided to block specific IP addresses from SSH, create a custom finger daemon, and configure remote logging and log rotation.

Uploaded by

smile4ever54
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF or read online on Scribd
You are on page 1/ 1

Linux Workshop

Lab 18 Securing hosts (wrapper,xinetd,logging)

Requirements Quick Reference Objectives to learn


➢ Modern Linux distribution TCP wrapper #Check order and examples:
➢ finger package installed vi /etc/hosts.allow #See: man 5 hosts_access
in.telnetd : ALL : spawn echo “login from %c to %s ¦ mail -s warn root
vi /etc/hosts.deny
sshd : ALL EXCEPT 172.28.24.

Super daemon xinetd #Tip: Use snippetname from /etc/services


vi /etc/xinetd.conf #Edit general settings
vi /etc/xinetd.d/snippet #Change settings per snippet
only_from = 172.28.0.0/16 172.27.200.1
no_access = 172.28.24.1
access_times = 9:00-18:00
To Do
per_source =2
1. When your neighbor is finished with ssh, block /etc/init.d/xinetd restart #Activate changes
your neighbor's IP address from using ssh with
the /etc/hosts.allow and/or hosts.deny. Test the Logging
results. vi /etc/syslog.conf #Edit syslog logger configuration
You may also block a Windows host from using #See: man syslog.conf for facilities and priorities
putty.exe (the ssh-client). vi /etc/sysconfig/syslog #Edit syslogdaemon -r for remote logging
SYSLOGD_PARAMS=”-r -s my.domain”
2. Create your own fake finger daemon: SYSLOGD_OPTIONS=”-r -m 0”
- Checkout the finger command:
#Generate message for syslogger:
finger [email protected]
logger -i -p kern.emerg -t yourname “Text”
- Create a script file called /usr/local/sbin/fingerd vi /etc/logrotate.conf #Edit maxlog files, logrotate is in crontab
with the following content:
#!/bin/bash
echo “Finger is disabled for privacy
reasons ...”
- Make the new file executable:
chmod +x fingerd
- Copy an existing snippet to a file called finger Theory Modules
and use the following options in the file:
LPIC 1 Certification Bible, isbn 0-7645-4772-0
wait = no ➢ p. 413-420 System Logging
user = nobody ➢ p. 602-604 Using the Internet Super Server
protocol = tcp ➢ p. 697-701 Configuring TCP wrappers
server = /usr/local/sbin/fingerd
- Activate the changes by restarting the super
daemon or by using:
killall -SIGHUP xinetd
- Checkout the finger command again.
Extra References
3. Make your syslogger available for remote logging
(add -r in /etc/sysconfig/syslog). Others may ➢ www.tldp.org
redirect to your host by addressing you with
@hostname in the syslog.conf file.
4. Create a group called loggroup. Add your user as
a member. Change the default group owner of
the /var/log/messages file to loggroup in the
/etc/logrotate.conf.

© October 2, 2005, wiki.novell.com/index.php/Roberts_Quick_References, author of Foundations of Linux networking

You might also like