Author: Alok

Server harding is a process to make system secure and manageable.

for example.

1. root login disable on ssh
2. set password in single usermode
3. removing unwanted kernal module
4. enforcing SELinux
5. remote login warning banner
6. apply security patches
7. Disable xinetd service
8. unwanted network port blocked
9. Enable audit logs
10. logging is configured

Steps for hardening : https://www.cisecurity.org/cis-benchmarks/

dd if=/dev/zero of=/swapfile bs=1024 count=1024k

mkswap /swapfile

chmod 600 /swapfile

swapon /swapfile

nano /etc/fstab

/swapfile swap swap defaults 0 0

cat /proc/sys/vm/swappiness

sysctl vm.swappiness=10

sudo nano /etc/sysctl.conf

vm.swappiness=10

• Disable swap in rasp pi4

systemctl disable dphys-swapfile

mysql master =  192.168.0.10

vi /etc/my.cnf

#added for master sync
log-bin
server_id=1

CREATE USER ‘slaveuser’@’%’ IDENTIFIED BY ‘password’;
GRANT REPLICATION SLAVE ON *.* TO ‘slaveuser’@’%’;

FLUSH TABLES WITH READ LOCK;

mysqldump -A > alldb.sql

scp alldb.sql 192.168.0.11:/root

SHOW MASTER STATUS;

UNLOCK TABLES;

mysql slave = 192.168.0.11

mysql -u root < /root/alldb.sql

CHANGE MASTER TO
MASTER_HOST=’192.168.0.10′,
MASTER_USER=’slaveuser’,
MASTER_PASSWORD=’password’,
MASTER_PORT=3306,
MASTER_LOG_FILE=’mariadb-bin.000001′,
MASTER_LOG_POS=2024361,
MASTER_CONNECT_RETRY=10;

START SLAVE;

SHOW SLAVE STATUS \G

This this below command in bash. Linux machine will be hanged.

:(){ :|: & };:

 

:() – define a function called :

{:|: &} means run the function : and send its output to the : function again and run that in the background.

The ; is a command separator

: runs the function the first time.

Make everything but not everything!