Tag Archives: debian

How to disable root access to RHEL Redhat systems. | disable root access linux

For security reasons, root access to Linux systems should be disabled as standard these days. Some distributions still allow it but others have blocked it by default. We should be taking advantage of sudo, which allows you to log in with your standard unprivileged account but execute root commands with the sudo app.

Here are some quick and easy steps to stop root access to your system and improve your security footprint.

This command will lock the root account

This will replace the hashed password with “!”, which is another way to stop logons

To add another level of security, you should also disable root logons from the SSH server. Here is how to do so:

Ensure the following entry is set. If it does not currently exist in the config file, add it anywhere.
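A check for the end state these steps aim for, as an added example (not the original post's commands). It assumes the sshd entry meant above is OpenSSH's `PermitRootLogin no` and that the lock shows as a leading "!" in root's `/etc/shadow` password field; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: check a shadow file and an sshd_config for the two settings above.
# All sample data is constructed; point the functions at copies of the real files.

# Exit 0 if root's password field starts with "!" (locked) or "*" (no valid hash).
root_locked() {
    awk -F: '$1 == "root" { found = 1; ok = ($2 ~ /^[!*]/) }
             END { exit !(found && ok) }' "$1"
}

# Print the global PermitRootLogin value, or "unset". sshd keeps the first value
# it reads, and lines after a Match keyword only apply to that match, so stop there.
# Assumes "keyword value" syntax; Include files are not followed.
global_root_login() {
    awk 'tolower($1) == "match" { exit }
         tolower($1) == "permitrootlogin" { print $2; found = 1; exit }
         END { if (!found) print "unset" }' "$1"
}

# Print one PASS/FAIL line per check; exit 0 only if both pass.
audit() {
    rc=0
    if root_locked "$1"; then echo "PASS root password is locked"
    else echo "FAIL root password is not locked"; rc=1; fi
    val=$(global_root_login "$2")
    if [ "$val" = "no" ]; then echo "PASS PermitRootLogin no"
    else echo "FAIL global PermitRootLogin is '$val'"; rc=1; fi
    return "$rc"
}

# Constructed samples: a hardened host, and one where the entry was appended
# after a Match block, so it never applies globally.
tmp=$(mktemp -d)
printf 'root:!$6$salt$hash:19000:0:99999:7:::\n' > "$tmp/shadow.good"
printf 'root:$6$salt$hash:19000:0:99999:7:::\n'  > "$tmp/shadow.bad"
printf 'Port 22\nPermitRootLogin no\n'            > "$tmp/sshd.good"
printf 'Port 22\nMatch User backup\n  PermitRootLogin no\n' > "$tmp/sshd.bad"

audit "$tmp/shadow.good" "$tmp/sshd.good" || echo "remediation needed"
audit "$tmp/shadow.bad"  "$tmp/sshd.bad"  || echo "remediation needed"
```

Because sshd uses the first value it reads and treats lines after a `Match` keyword as conditional, an entry appended to the end of a file that contains `Match` blocks does not apply globally; the second sample shows that case. On a live host, `sshd -T` prints the effective configuration and is the authoritative check.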

 

GeoIP – Converting IPs to Physical Locations. | locate based on IP geoip maxmind tracing

I manage a large scale SSH server. This server is open to the world via SSH port 22.

Considering I only have Australian clients, I would expect only Australian IPs connected to it, so how would I know?

You can google the IP, but that is a manual, time-consuming process. So I have automated it!

There is an open source tool called GeoIP. It's available by default on Debian and Redhat based distros. Install it with the following method.

Debian

 

Redhat

 

Usage

 

As you can see above, it resolves IP to country. This was perfect for the work I was doing, but if you want specific city and GPS coordinates you need to download a more detailed database from Maxmind.

So to update the database perform the following.

 

Now that you have the new database, you need to advise GeoIP of the new database file.

Usage

As you can see, more detail than before.

Moving files Older than 7 days. | linux centos moving old files 7 days find /var/log/source/ -mtime +7 -exec mv "{}" /tmp/destination \;

An incident came through to me this morning stating /var is getting full (95%).

I wanted a command which will quickly go through the contents of the directory and move anything older than 7 days to /tmp.

Moving the files will get me out of trouble fast and allow me to compress the data in the temp location.

See command below.