Spur: » Linux » ATI X1250 Graphikkarte unter Linux » Installation Debian 3.1 Sarge (stable) für XEN » Samba und XP Clients » Löschen von Leerstellen/Leerzeilen in Dateien » Kennen Sie zooplus? » OpenWRT auf Linksys WRT54GL - Der einfache Weg » freeradius mit openssl unter debian lenny » Bewährte Anpassungen
Inhaltsverzeichnis

Bewährte Anpassungen

/etc/sysconfig/i18n

LANG="de_DE.UTF-8"
SUPPORTED="en_US.UTF-8:en_US:en:de_DE.UTF-8:de_DE:de"
SYSFONT="lat0-08"

/etc/syslog.conf

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Logging auf die Konsolen 10 bis 12 
kern.*                                                  /dev/tty10
mail.*,local6.*                                         /dev/tty11
*.info;mail.none;authpriv.none;cron.none                /dev/tty12

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog

# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 *

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log

/etc/yum.conf

locate/updatedb

slocate Datenbank initialisieren 

updatedb

/etc/ntp.conf

server  MY.IP.AD.DR

ntpdate MY.IP.AD.DR
chkconfig ntpd on

/etc/sysconfig/iptables

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
 
wissen/linux/redhat_enterprise_linux_best_practice.txt · Zuletzt geändert: 06.09.2010 02:31
 
Recent changes RSS feed Donate Valid XHTML 1.0 Valid CSS Recent cached RSS feed cacert-signed web site: inhalt.serviert.de