关于redhat操作系统的一些WIKI,希望本文对你有用
1.相关网站地址
https://www.kernel.org/ 所有内核地址
2.系统软件版本更新安装查看
系统更新
常见问题
#运行重复传输
yum-complete-transaction
# 运行 yum-complete-transaction
yum-complete-transaction –cleanup-only
#查看可能重复包
package-cleanup
# 清除可能存在的重复包
package-cleanup --dupes
# 清除可能存在的损坏包
package-cleanup --problems
系统加固
#! /bin/bash
sudo cp /etc/login.defs /etc/login.defs.bak
sudo cp /etc/pam.d/system-auth /etc/pam.d/system-auth.bak
sudo cp /etc/pam.d/login /etc/pam.d/login.bak
sudo cp /etc/ssh/ssh_config /etc/ssh/ssh_config.bak
sudo cp /etc/profile /etc/profile.bak
sudo cp /etc/bashrc /etc/bashrc.bak
sudo sed -i "s/PASS_MAX_DAYS.*/PASS_MAX_DAYS 60/g" /etc/login.defs
sudo sed -i "s/PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/g" /etc/login.defs
sudo sed -i "s/PASS_WARN_AGE.*/PASS_WARN_AGE 7/g" /etc/login.defs
sudo sed -i "s/PASS_MIN_LEN.*/PASS_MIN_LEN 8/g" /etc/login.defs
sudo sed -i 's#password requisite pam_pwquality.so.*#password requisite pam_cracklib.so try_first_pass retry=3 dcredit=-1 lcredit=-1 ucredit=-1 ocredit=-1 minlen=8#' /etc/pam.d/system-auth
sudo sed -i '5 i auth required pam_tally2.so deny=3 unlock_time=300 even_deny_root root_unlock_time=300' /etc/pam.d/system-auth
echo -e "\033[32m password policy changed! \033[0m"
sudo sed -i '3 i auth required pam_tally2.so deny=3 lock_time=300 even_deny_root root_unlock_time=300' /etc/pam.d/login
echo -e "\033[32m tty policy changed! \033[0m"
echo "PermitEmptyPasswords no">>/etc/ssh/ssh_config
echo -e "\033[32m SSH policy changed! \033[0m"
echo "export TMOUT=600">>/etc/profile
echo -e "\033[32m session timeout policy changed! \033[0m"
sudo sed -i "s/umask.*/umask 027/g" /etc/bashrc
sudo sed -i "s/umask.*/umask 027/g" /etc/profile
echo -e "\033[32m umask policy changed! \033[0m"
source /etc/profile
echo -e "\033[32m profile excuted! \033[0m"
sudo service sshd restart
echo -e "\033[32m ssh reload! \033[0m"
#CentOS
# Install Splunk
# Download Splunk
wget -O splunkforwarder-7.3.4-13e97039fb65-linux-2.6-x86_64.rpm "https://automationstorageaccount.file.core.chinacloudapi.cn/software-onboardvm/AppSet01/Splunk/splunkforwarder-7.3.4-13e97039fb65-linux-2.6-x86_64.rpm?sv=2019-10-10&ss=f&srt=o&sp=rl&se=2021-12-31T10:50:30Z&st=2020-06-17T02:50:30Z&spr=https&sig=axdnDIxI%2BbbLKsSbcBzHiGdETc00rYKlV7zZK5vHEZo%3D"
sudo rpm -Uvh splunkforwarder-7.3.4-13e97039fb65-linux-2.6-x86_64.rpm
sudo /opt/splunkforwarder/bin/splunk enable boot-start --accept-license --answer-yes --auto-ports --noprompt
sudo /opt/splunkforwarder/bin/splunk set deploy-poll deabgsec201.d400.mh.grp:8089 --accept-license --answer-yes --auto-ports --no-prompt
sudo /opt/splunkforwarder/bin/splunk start --accept-license --answer-yes --auto-ports --no-prompt
# Install Qualys
# Download Qualys
wget -O qualys-cloud-agent.x86_64.rpm 'https://automationstorageaccount.file.core.chinacloudapi.cn/software-onboardvm/AppSet01/Qualys/qualys-cloud-agent.x86_64.rpm?sv=2019-10-10&ss=f&srt=o&sp=rl&se=2021-12-31T10:50:30Z&st=2020-06-17T02:50:30Z&spr=https&sig=axdnDIxI%2BbbLKsSbcBzHiGdETc00rYKlV7zZK5vHEZo%3D'
sudo rpm -ivh qualys-cloud-agent.x86_64.rpm
sudo /usr/local/qualys/cloud-agent/bin/qualys-cloud-agent.sh ActivationId=bffacafc-4799-4b73-b89d-7a97fe01eefe CustomerId=595f28d9-c9ae-4059-82af-1faa088f8a2d
# Install CrowdStrike
#Download
wget -O falcon-sensor-5.43.0-10803.el7.x86_64.rpm 'https://automationstorageaccount.file.core.chinacloudapi.cn/software-onboardvm/AppSet01/CrowdStrike/falcon-sensor-5.43.0-10803.el7.x86_64.rpm?sv=2019-10-10&ss=f&srt=o&sp=rl&se=2021-12-31T10:50:30Z&st=2020-06-17T02:50:30Z&spr=https&sig=axdnDIxI%2BbbLKsSbcBzHiGdETc00rYKlV7zZK5vHEZo%3D'
sudo yum install falcon-sensor-5.43.0-10803.el7.x86_64.rpm -y
sudo /opt/CrowdStrike/falconctl -s --cid=93C41B8301374F7EB1D5C696D127F4A8-90
sudo service falcon-sensor start
sudo systemctl start falcon-sensor
# Install Snow
wget -O KION_snowagent_6.2.0-1_amd64.rpm 'https://automationstorageaccount.file.core.chinacloudapi.cn/software-onboardvm/AppSet01/snow/KION_snowagent-6.2.0-1.x86_64.rpm?sv=2019-10-10&ss=f&srt=o&sp=rl&se=2021-12-31T10:50:30Z&st=2020-06-17T02:50:30Z&spr=https&sig=axdnDIxI%2BbbLKsSbcBzHiGdETc00rYKlV7zZK5vHEZo%3D'
sudo yum localinstall -y KION_snow*
系统软件版本查看
网络IPDNS配置
新用户新建修改:
useradd -m aoao
passwd aoao
usermod -s /bin/bash aoao
3.其它FAQ
1、修改时区
1)tzselect
- sudo cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
date -R
2、subnet 192.168.1.0/24
转载请注明来源,欢迎对文章中的引用来源进行考证,欢迎指出任何有错误或不够清晰的表达。可以在下面评论区评论,也可以邮件至 xieaoao@qq.com QQ:1296454177