If you’ve ever worked on a linux system, chances are that you’ve used chmod many times.
If odd bounced e-mails are coming back to the server or the server is listed in a blacklist, some accounts may be compromised on the server.
You can delete them based on what they’re doing:
Check for a SYN flood:
If you have a Cisco device logging to RHEL, here’s all that’s necessary:
·138 words·1 min
TCP: Treason uncloaked!
If you’re looking to get PCI/CISP compliance, or you just like better security, disable SSL version 2.
·47 words·1 min
Okay, so you’ve verified that the correct admin password is being used, but you still can’t login?
If you work on enough servers, you discover that a lot of people put the security of their MySQL server on the back burner.
·333 words·2 mins
Sticky bits help you take file permissions to the next level.
·206 words·1 min
If you think you have a rooted RHEL box, you’ll want to run the usual rkhunter, chkrootkit, and you will want to inspect for rogue processes.