Fix some permissions on your server to prevent from Exploits

Some exploits will try to use unix resources to download rootkits and other bad files to your system. You can deny it fixing some permissions on that resources.

Trick: Make a backup of /usr/bin, /usr/sbin, /bin, /sbin
You will be able to replace it if you detected some infected file with rkhunter or chrootkit.
Read this:
How to Install Rkhunter
How to Install Rootcheck

# chmod 700 /usr/bin/rcp
# chmod 700 /usr/bin/wget
# chmod 700 /usr/bin/lynx
# chmod 700 /usr/bin/links
# chmod 700 /usr/bin/scp
# chmod 000 /etc/httpd/proxy/
# chmod 000 /var/mail/vbox
# chmod 700 /usr/bin/mc
# chmod 700 /usr/bin/elinks
# chmod 700 /usr/bin/lwp-download
# chmod 700 /usr/bin/GET
# chmod 700 /usr/bin/curl

You can also block all *cc compilers on /usr/bin to permit only root user to use compilers:
# cd /usr/bin/
# ls -l
# chmod 700 /usr/bin/
Example:
# chmod 700 byacc
# chmod 700 cc
# chmod 700 gcc
# chmod 700 gnatgcc
# chmod 700 perlcc
# chmod 700 yacc

0 Comments: