Created
September 24, 2019 13:50
-
-
Save Subhasis180689/99e658eeafe93aa8d377f9ce23576e31 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sed -i -e 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config | |
| sudo yum install ntp ntpdate -y | |
| chkconfig ntpd on | |
| ntpdate pool.ntp.org | |
| systemctl start ntpd | |
| sudo yum install perl -y | |
| perl -npe 's/umask\s+0\d2/umask 077/g' -i /etc/bashrc | |
| perl -npe 's/umask\s+0\d2/umask 077/g' -i /etc/csh.cshrc | |
| echo "Idle users will be removed after 15 minutes" | |
| echo "readonly TMOUT=900" >> /etc/profile.d/os-security.sh | |
| echo "readonly HISTFILE" >> /etc/profile.d/os-security.sh | |
| chmod +x /etc/profile.d/os-security.sh | |
| find / -ignore_readdir_race -not -path "/proc/*" -nouser -print -exec chown root {} \; | |
| find / -ignore_readdir_race -nogroup -print -exec chgrp root {} \; | |
| yum remove telnet-server -y | |
| yum remove rsh-server -y | |
| yum remove telnet -y | |
| yum remove rsh-server -y | |
| yum remove rsh -y | |
| yum remove ypbind -y | |
| yum remove ypserv -y | |
| yum remove tftp-server -y | |
| yum remove bind -y | |
| yum remove vsftpd -y | |
| yum remove dovecot -y | |
| yum remove squid -y | |
| yum remove net-snmpd -y | |
| systemctl disable rexec | |
| systemctl disable rsh | |
| systemctl disable rlogin | |
| systemctl disable ypbind | |
| systemctl disable tftp | |
| systemctl disable certmonger | |
| systemctl disable cgconfig | |
| systemctl disable cgred | |
| systemctl disable cpuspeed | |
| systemctl enable irqbalance | |
| systemctl disable kdump | |
| systemctl disable mdmonitor | |
| systemctl disable messagebus | |
| systemctl disable netconsole | |
| systemctl disable ntpdate | |
| systemctl disable oddjobd | |
| systemctl disable portreserve | |
| systemctl enable psacct | |
| systemctl disable qpidd | |
| systemctl disable quota_nld | |
| systemctl disable rdisc | |
| systemctl disable rhnsd | |
| systemctl disable rhsmcertd | |
| systemctl disable saslauthd | |
| systemctl disable smartd | |
| systemctl disable sysstat | |
| systemctl enable crond | |
| systemctl disable atd | |
| systemctl disable nfslock | |
| systemctl disable named | |
| systemctl disable dovecot | |
| systemctl disable squid | |
| systemctl disable snmpd | |
| systemctl disable netfs | |
| systemctl disable nfs | |
| systemctl disable cups | |
| echo "install cramfs /bin/false" > /etc/modprobe.d/cramfs.conf | |
| echo "install freevxfs /bin/false" > /etc/modprobe.d/freevxfs.conf | |
| echo "install jffs2 /bin/false" > /etc/modprobe.d/jffs2.conf | |
| echo "install hfs /bin/false" > /etc/modprobe.d/hfs.conf | |
| echo "install hfsplus /bin/false" > /etc/modprobe.d/hfsplus.conf | |
| echo "install squashfs /bin/false" > /etc/modprobe.d/squashfs.conf | |
| echo "install udf /bin/false" > /etc/modprobe.d/udf.conf | |
| yum -y install yum-cron | |
| chkconfig yum-cron on |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment