Tag Archives: hardening

Password when starting a Linux server in single-user mode

http://www.cromwell-intl.com/unix/linux-break-in-howto.html

On RHEL 6.2-based systems (like Scientific Linux 6.2), edit /etc/sysconfig/init:

# Set to '/sbin/sulogin' to prompt for password on single-user mode
# Set to '/sbin/sushell' otherwise

Like this:

SINGLE=/sbin/sulogin

Then, if you add an ‘s’ to the GRUB entry when the server boots, it will ask you for the root password, or you can hit Ctrl-D. Ctrl-D makes the server continue with a normal boot (telinit *).

Should all Linux machines be installed this way? To me this sounds like a definite deal, especially if you have the console physically or remotely accessible.

How to restrict access to your phpmyadmin

Went through the Apache logs on my web server and saw some access requests to my phpmyadmin page.

It’s probably a good idea to restrict access to this web-based SQL admin interface (in case there is an exploit I don’t want somebody to use it on this).

How to make phpmyadmin a bit more secure

sudo vi /etc/phpmyadmin/apache.conf
or
sudo nano /etc/phpmyadmin/apache.conf

Under
“Alias /phpmyadmin /usr/share/phpmyadmin”
<Directory /usr/share/phpmyadmin>

add this:

Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from 192.168.0.0/24

This lets your VM itself (127.0.0.1) and anything with an IP on the 192.168.0.0/24 network access /phpmyadmin; all other addresses are denied.

Also, in the Alias line at the top, change /phpmyadmin to something else, like “Alias /youcannotguessthis /usr/share/phpmyadmin”, and it will be a lot harder for automatic scanners to find it.
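An added check, not part of the original post: after reloading Apache, scan the access log for requests to the phpMyAdmin alias from addresses outside the allowlist above, and flag any that were not answered with 403. The log lines are constructed samples, the common/combined log format is an assumption, and the names is_allowed and audit are made up for this example.

```python
import ipaddress
import re

# Allowlist copied from the "Allow from" lines above.
ALLOWED = [ipaddress.ip_network(n) for n in ("127.0.0.1/32", "192.168.0.0/24")]

# Assumption: Apache common/combined log format
# (client, ident, user, [time], "request", status, size).
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+)[^"]*" (\d{3})\b')

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE = [
    '192.168.0.15 - - [10/Mar/2012:10:01:02 +0100] "GET /phpmyadmin/index.php HTTP/1.1" 200 8123',
    '203.0.113.9 - - [10/Mar/2012:10:05:40 +0100] "GET /phpmyadmin/ HTTP/1.1" 403 291',
    '198.51.100.77 - - [10/Mar/2012:10:06:11 +0100] "GET /phpmyadmin/index.php?lang=en HTTP/1.1" 200 8123',
    '127.0.0.1 - - [10/Mar/2012:10:07:30 +0100] "GET /phpmyadmin HTTP/1.1" 301 320',
    '203.0.113.9 - - [10/Mar/2012:10:08:00 +0100] "GET /index.html HTTP/1.1" 200 512',
]

def is_allowed(addr):
    """True if addr falls inside one of the allowlisted networks."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        # A hostname in the log (HostnameLookups On) cannot be judged: treat as outside.
        return False
    return any(ip in net for net in ALLOWED)

def audit(lines, alias="/phpmyadmin"):
    """Split outside requests to the alias into (denied with 403, not denied)."""
    blocked, leaks = [], []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the assumed log format
        addr, path, status = m.group(1), m.group(2), int(m.group(3))
        bare = path.split("?", 1)[0]
        if bare != alias and not bare.startswith(alias + "/"):
            continue  # not a request for the phpMyAdmin alias
        if is_allowed(addr):
            continue  # local or LAN client, expected to get through
        (blocked if status == 403 else leaks).append((addr, path, status))
    return blocked, leaks

if __name__ == "__main__":
    blocked, leaks = audit(SAMPLE)
    print("denied as intended:", blocked)
    print("NOT denied, check the config:", leaks)
```

If you renamed the alias, pass the new path as the alias argument.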

Here is some more information.