Linux system security reinforcement

Linux is a free-to-use, freely distributed Unix-like operating system. As an open-source operating system, Linux is widely used on servers because of its significant advantages in security, efficiency and stability. However, without a reasonable allocation of permissions, the security of a Linux system still will not be well protected. In today's production environments, the habit some Linux administrators have of turning SELinux off is completely wrong. Here we mainly use a RHEL7 system and optimize the security of Linux from several angles: account security, system boot, login control, reasonable SELinux configuration, and so on.

Before starting the security hardening, make sure you have mastered common Linux operations. What follows uses a clean RHEL7 system for the hardening. A LAMP environment is installed on this system by default, and the requirement is that these websites can still be visited normally after the hardening.

As early as 1985, the US Department of Defense proposed the Trusted Computer System Evaluation Criteria (TCSEC). TCSEC divides system security into four classes (A, B, C and D) and seven levels. Class D is the lowest security level; class C is the discretionary protection class; class B is the mandatory protection class; class A is the verified protection class, which includes a rigorous design, control and verification process.

D level: the lowest security;
C1 level: discretionary access control;
C2 level: finer-grained discretionary access control (DAC), auditing;
B1 level: mandatory access control (MAC);
B2 level: well-structured design, formal security model;
B3 level: comprehensive access control, trusted recovery;
A1 level: formal certification.

The security of current mainstream operating systems is not sufficient. UNIX systems and Windows NT, for example, can only reach the C2 level, and their security needs to be improved, but a security-hardened Linux system can reach security level B1.

Account Security Hardening

Directory file permissions reinforcement

Control executable script

SELinux system reinforcement

Sudo Authorization

Iptables firewall rules configuration

Website security dog configuration

Script inspections sentence

Open the audit log

Isolating the website in a Docker container

Origin www.cnblogs.com/LyShark/p/11407373.html