/////
Search
๐Ÿ“ƒ

Peer

โ†’ Virtual Machine

ํ•˜๋“œ์›จ์–ด๋กœ ๊ตฌ์„ฑ ๋˜์–ด ์žˆ๋Š” ์ปดํ“จํ„ฐ ํ™˜๊ฒฝ์„ ์†Œํ”„ํŠธ์›จ์–ด๋กœ ๊ตฌํ˜„ํ•œ ๊ฒƒ. ๋‹ค์‹œ ๋งํ•ด ์ปดํ“จํ„ฐ ํ™˜๊ฒฝ์„ ์—๋ฎฌ๋ ˆ์ด์…˜(๊ฐ€์ƒํ˜„์‹คํ™”)ํ•˜๋Š” ์†Œํ”„ํŠธ์›จ์–ด์ด๋‹ค.

โ†’ CentOS vs Debian

๋‘˜ ๋‹ค ๋ฆฌ๋ˆ…์Šค๋ผ๋Š” ๊ณตํ†ต์ ์ด ์žˆ๋‹ค.
๋ฆฌ๋ˆ…์Šค๋Š” ์œ ๋‹‰์Šค์™€ ์™„๋ฒฝํ•˜๊ฒŒ ํ˜ธํ™˜ ๊ฐ€๋Šฅํ•˜๋ฉฐ ๊ณต๊ฐœ ์šด์˜์ฒด์ œ์ด๋‹ค. ์ด๋Š” ์˜คํ”ˆ์†Œ์Šค๋กœ ๋ˆ„๊ตฌ๋“ ์ง€ ์ž์œ ๋กญ๊ฒŒ ์ˆ˜์ •์ด ๊ฐ€๋Šฅํ•˜๋‹ค๋Š” ํŠน์ง•์ด ์žˆ๋‹ค.
CentOS๋Š” Community Enterprise Operation System์˜ ์•ฝ์ž๋กœ Red Hat์ด ๊ณต๊ฐœํ•œ RHEL์„ ๊ทธ๋Œ€๋กœ ๊ฐ€์ ธ์™€์„œ Red Hat์˜ ๋ธŒ๋žœ๋“œ์™€ ๋กœ๊ณ ๋งŒ ์ œ๊ฑฐํ•˜๊ณ  ๋ฐฐํฌํ•œ ๋ฐฐํฌ๋ณธ์ด๋‹ค.
์„œ๋ฒ„์šฉ ์šด์˜์ฒด์ œ๋กœ ์ธ๊ธฐ๊ฐ€ ๋งค์šฐ ๋†’์œผ๋ฉฐ ํšŒ์‚ฌ๊ฐ€ ์•„๋‹Œ ์ปค๋ฎค๋‹ˆํ‹ฐ๋ฅผ ํ†ตํ•ด ์ง€์›์ด ๋˜๋ฏ€๋กœ ํŒจ์น˜๊ฐ€ ๋Š๋ฆฐ ๊ฐ์ด ์žˆ๋‹ค.
Debian์€ ๋ฌด๋ฃŒ ๊ฐœ์ธ ์‚ฌ์šฉ์ž ์„œ๋ฒ„์šฉ์œผ๋กœ ์ธ๊ธฐ๊ฐ€ ๋งค์šฐ ๋†’์€ OS์ด๊ณ  ์ง€๋‚œ ๋‚ ์—๋Š” CentOS๋ณด๋‹ค ์„ฑ๋Šฅ์ด ๋’ค์ณ์กŒ๋‹ค. ํ•˜์ง€๋งŒ ์ง€์†์ ์ธ ์—…๋ฐ์ดํŠธ๋ฅผ ํ†ตํ•ด ๋ ˆ๋“œํ–‡ ๊ณ„์—ด์— ๋น„ํ•ด ๊ฒฐ์ฝ” ๋’ค์ณ์ง€์ง€ ์•Š๋Š”๋‹ค.

โ†’ UFW

โ†’ SSH

โ†’ Check OS

$ uname -a
Shell
๋ณต์‚ฌ

โ†’ sudo, user42

$ id mcha
Shell
๋ณต์‚ฌ

โ†’ Password policy

1.
Create User
$ useradd <user-name>
Shell
๋ณต์‚ฌ
2.
Assign password
$ passwd <user-name>
Shell
๋ณต์‚ฌ
3.
Create a group
$ groupadd <group-name>
Shell
๋ณต์‚ฌ
4.
Add user created group
$ usermod -G evaluating test
Shell
๋ณต์‚ฌ

โ†’ Check hostname

$ hostnamectl
Shell
๋ณต์‚ฌ

โ†’ Change hostname

$ sudo hostnamectl set-hostname --static <host-name> $ sudo reboot $ hostnamectl
Shell
๋ณต์‚ฌ

โ†’ Restore hostname

$ sudo hostnamectl set-hostname --static <host-name> $ sudo reboot $ hostnamectl
Shell
๋ณต์‚ฌ

โ†’ Check sudo program

$ dpkg -l | grep "sudo"
Shell
๋ณต์‚ฌ

โ†’ Add new user "sudo" group

$ usermod -aG sudo <user-name>
Shell
๋ณต์‚ฌ

โ†’ Strict rules for sudo

โ†’ Check UFW program

$ dpkg -l | grep "ufw"
Shell
๋ณต์‚ฌ

โ†’ Check it works

$ systemctl status ufw $ ufw status numbered
Shell
๋ณต์‚ฌ

โ†’ Cron

# Every 1 minute * * * * * <task> # Every 30 sec ๋งํฌ */1 * * * * /path/to/monitoring.sh */1 * * * * sleep 30s && /path/to/monitoring.sh
Shell
๋ณต์‚ฌ

โ†’ Stop Cron

$ systemctl stop cron $ systemctl restart cro # crontab -e @reboot /path/to/monitoring.sh
Shell
๋ณต์‚ฌ
| 1) lsblk 1 <- Check partitions | 2) sudo aa-status 2 <- AppArmor status | 3) getent group sudo 3 <- sudo group users | 4) getent group user42 4 <- user42 group users | 5) sudo service ssh status 5 <- ssh status, yep | 6) sudo ufw status 6 <- ufw status | 7) ssh username@ipadress -p 4242 7 <- connect to VM from your host (physical) machine via SSH | 8) nano /etc/sudoers.d/<filename> 8 <- yes, sudo config file. You can $ ls /etc/sudoers.d first | 9) nano /etc/login.defs 9 <- password expire policy | 10) nano /etc/pam.d/common-password 10 <- password policy | 11) sudo crontab -l 11 <- cron schedule
Shell
๋ณต์‚ฌ