SAKURA VPS first setting
ようやく重い腰をあげて・・・VPSの利用を開始しました。
いろいろ設定。
1. root でログイン
コントロールパネルからOS起動!
2. ユーザー作成
# adduser username # chpasswd username:userpassword ctrl+D
root パスワード変更
# passwd パスワード
3. SSH設定
rootログインを禁止
# vi /etc/ssh/sshd_config #PermitRootLogin yes PermitRootLogin no # /etc/init.d/sshd restart
4. iptables
# /sbin/chkconfig iptables --list iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off # /sbin/chkconfig iptables off # /sbin/chkconfig iptables --list iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off # /sbin/iptables -P INPUT ACCEPT # /sbin/iptables -P OUTPUT ACCEPT # /sbin/iptables -P FORWARD DROP # /sbin/iptables -F # /sbin/iptables -A INPUT -i lo -j ACCEPT # /sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT # /sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT # /sbin/iptables -A INPUT -m state -state ESTABLISHED,RE LATED -j ACCEPT Bad argument `ESTABLISHED,RELATED' Try `iptables -h' or 'iptables --help' for more information. # /sbin/iptables -A INPUT -m state --state ESTABLISHED,R ELATED -j ACCEPT # /sbin/iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT all -- anywhere anywhere state RELATED,ESTAB LISHED Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # /sbin/iptables -P INPUT DROP # /etc/init.d/iptables save Saving firewall rules to /etc/sysconfig/iptables: [ OK ] # /sbin/init.d/iptables restart
- Prev sendmailに攻撃が。
- Next SAKURA VPS Spec
- Prev sendmailに攻撃が。
- Next SAKURA VPS Spec