禁用不需要的服务inetd: 超级internet服务器 xinetd: inetd的扩展/etc/inetd.conf 去掉已r开头的服务/etc/xinetd.d 禁用已r开头的服务
二。屏蔽系统登录显示信息telnet方式1.echo 'Authorizedusesonly.Allactivitymaybemonitoredandreported.'>>/etc/issue.net echo 'Authorizedusesonly.Allactivitymaybemonitoredandreported.'>>/etc/issue echo 'Authorizedusesonly.Allactivitymaybemonitoredandreported.'>>/etc/motd2.修改文件权限 /bin/chown root:root /etc/motd/ /etc/issue /etc/issue.net/bin/chmod 644 /etc/motd/ /etc/issue /etc/issue.netsshsshd.conf 加入: Banner /etc/issue.net
三。/etc/host.conf加入#lock up names via DNS first then fall back to /etc/hostsorderbind, hosts#we have machines with multiple IPmultion#check for ip spoofingnospoofon
四。减缓拒绝服务器攻击: synattack临时 :echo 1 >> /proc/sys/net/ipv4/tcp_syncookies 永久: 加入 /etc/rc.d/rc.local