Displaying 20 results from an estimated 22 matches for "security_guide".
2017 Mar 17
3
lock out account after 3 failures
I?m looking to configure a centos 7 server to lock out anaccount after 3 login failures.
I?ve followed this
?
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls
?
Section2.1.9.5 Account Locking
?
And even rebooted the serverbut it doesn?t lock my test account out.
login as: test
test at X?s password:
Access denied
test at X's passwo...
2017 Mar 17
0
lock out account after 3 failures
On 03/17/2017 02:41 AM, Ian Diddams wrote:
> I?ve followed this
>
>
>
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls
Can you send the /etc/pam.d/system-auth that you used for your test?
2015 Oct 23
1
OpenSSL and OpenSSH on CentOS (FIPS enabled)
...ing FIPS gap analysis for our product, can someone help to have a look my questions?
Our product is server running under CentOS 6.x, and according to the upstream (RedHat) document, CentOS can be configured to FIPS mode:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-Federal_Standards_And_Regulations-Federal_Information_Processing_Standard.html
And according to the CentOS forum, if we enabled FIPS mode on CentOS, then OpenSSL will also be in FIPS mode
https://www.centos.org/forums/viewtopic.php?t=9078
Questions:
(1) Is that true for OpenS...
2013 Jan 13
0
luks and aes-ni
...that maybe only aes-cbc is using
aes-ni [3] and that could mean that after a install aes-ni is not used
at all.
Does anyone know about this or has experiences?
[1] http://en.wikipedia.org/wiki/AES_instruction_set
[2]
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-LUKS_Disk_Encryption.html
[3]
http://forum.centos.org/modules/newbb/viewtopic.php?topic_id=38226&forum=56&post_id=166657#forumpost166657
--
Kind Regards, Markus Falb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type...
2013 Dec 02
1
NetFilter Detection
Hi All,
I was searching around but was not able to find out.
We all know that packet traverses through the Net Filter hooks but how to
practically realize that.
Please guide
Regards
Clove
2014 Oct 18
1
Your experience with os hardening tool - Bastille?
Hi All:)
I would like to start using a tool for automating of os hardening. I found
some informations about Bastille. One things which attracted my attention
is that in http://bastille-linux.sourceforge.net/news_updates.htm the last
post is from January 29th, 2012 :D
Is the tool ready to use at the moment with CentOS 6/7? Are there any
alternatives which you can recommend?
Thanks for all info
2015 Feb 09
2
Another Fedora decision
On Mon, February 9, 2015 3:14 pm, PatrickD Garvey wrote:
> On Mon, Feb 9, 2015 at 11:12 AM, John R Pierce <pierce at hogranch.com>
wrote:
>> On 2/9/2015 11:06 AM, Always Learning wrote:
>>> The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the
PDF
>>> shows every page appears to be readable. 11 pages devoted to BASH.
Information on other interesting
2014 Feb 21
2
KVM/NAT help requested
Dear Linux Gurus
I'm having problems with KVM and networking. My guest cannot use NAT
through the host's connection. This is what I've done:
I installed a new version of Centos 6.5 on the hardware. Starting
with a Net-Install, I selected the Virtual Hosting, and later added
"Desktop". I ran "yum update" with some reboots until nothing needed updating.
The
2016 Jun 02
2
Problems with OS X 10.11.5
2016-06-02 8:48 GMT+02:00 Volker Lendecke <Volker.Lendecke at sernet.de>:
> On Wed, Jun 01, 2016 at 07:44:26PM +0000, Seth Goldin wrote:
> > I disabled client signing from the client side, via OS X's global
> nsmb.conf
> > file: https://discussions.apple.com/message/30282470#30282470
> >
> > The performance was back to over 600 MB/s, as compared to 60 MB/s
2016 Apr 01
2
Libreswan PEM format
Just trying to follow the instructions here
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_Virtual_Private_Networks.html
I don't think I am doing anything special.
At the point where there is some communication going on
Getting this error
packet from *****:1024: received Vendor ID payload [Cisco-Unity]
Apr 01 17:33:44 carneab4.memset.net pluto[15986]: packet from
***...
2014 Aug 08
6
CentOS 7 - Firewall always allows outgoing packets?
Hello all:
I am looking at the documentation of the new firewalld service in CentOS 7.
It looks like no matter what I configure with it, outgoing connections are
still going to be allowed. That does not seem very secure.
I always set my servers to default policy of DROP for everything incoming
and outgoing and then add rules to allow very specific traffic through.
Is this possible using the
2016 Apr 01
2
Libreswan PEM format
...address and key in ipsec.secrets.
>
> --
> Eero
>
>
> 2016-04-01 19:38 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>:
>
>> Just trying to follow the instructions here
>>
>> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_Virtual_Private_Networks.html
>>
>> I don't think I am doing anything special.
>>
>> At the point where there is some communication going on
>>
>> Getting this error
>>
>> packet from *****:1024: received Vendor ID payload [Cisco-Unit...
2015 Feb 09
0
Another Fedora decision
...oor brain can hold ;-)
Are you looking for something simpler or more detailed than the
obvious starting point?
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/
or
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/index.html
It may be good to read other guides to understand what is specific to
RHEL/Centos and what works in general, but there is probably more than
you want to know in the official docs.
--
Les Mikesell
lesmikesell at gmail.com
2015 Feb 09
2
Another Fedora decision
...gt; Are you looking for something simpler or more detailed than the
> obvious starting point?
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/
> or
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/index.html
>
> It may be good to read other guides to understand what is specific to
> RHEL/Centos and what works in general, but there is probably more than
> you want to know in the official docs.
>
>
> --
> Les Mikesell
> lesmikesell at gmail.com
Thank you, Les...
2017 Jul 06
0
OVAL support for CentOS
Hi,
I would like to know if there is some feed for OVAL checks like in Redhat:
https://www.redhat.com/security/data/oval/. Documentation:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Practical_Examples.html#sect-Auditing_Security_Vulnerabilities_Example
Other distributions have an oval feed:
- Redhat: https://www.redhat.com/security/data/oval/
- Debian: https://www.debian.org/security/oval/
- Ubuntu: https://people.canonical.com/~ubuntu-security/oval/
Thanks...
2014 May 29
1
files automatically changing permissionssdsds
hello,
I'm running apache 2.2.24 and php 5.2.17. The web site that it's service
turns into a 403 Forbidden error every 5 minutes literally. I've found that
doing a chmod -Rv 775 on the web root restores the site. However this is a
band-aid and no real solution.
I've combed through all the cron jobs in /var/spool/cron both on this
machine and the one it was recently transferred
2016 Apr 01
0
Libreswan PEM format
You must define connection address and key in ipsec.secrets.
--
Eero
2016-04-01 19:38 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>:
> Just trying to follow the instructions here
>
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_Virtual_Private_Networks.html
>
> I don't think I am doing anything special.
>
> At the point where there is some communication going on
>
> Getting this error
>
> packet from *****:1024: received Vendor ID payload [Cisco-Unity]
> Apr 01 17:33:44 carneab4...
2014 Sep 09
1
CentOS 7: firewalld.service operation time out - systemctl firewalld issues
...learning how to work with CentOS I don't have a RedHat support
subscription and thus, can't see the solution. As such I'd appreciate
anyone with any ideas, or even a nod in the right direction. (I'm
using https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Using_Firewalls.html
as my reference for commands)
If you need any more information then let me know.
Thanks,
Aled
--
Aled Parry
aled.skyrail at gmail.com
2016 Apr 01
0
Libreswan PEM format
...-
> > Eero
> >
> >
> > 2016-04-01 19:38 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>:
> >
> >> Just trying to follow the instructions here
> >>
> >>
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_Virtual_Private_Networks.html
> >>
> >> I don't think I am doing anything special.
> >>
> >> At the point where there is some communication going on
> >>
> >> Getting this error
> >>
> >> packet from *****:1024...
2020 Feb 04
3
Switching from lokkit (iptables) to firewalld
Hi All,
Over the last 20 some years I have a file with about 200K worth of address
that have "wrongly" tried to connect to my boxes running centos. So the
file has one line per address or group of addresses like:
2.244.112.0/24
So using the OLD iptables I would run through my file build the
iptables.txt file and start that with DROP for the IP address. iptables ran
through the big