{"id":228,"date":"2008-11-16T17:08:19","date_gmt":"2008-11-16T08:08:19","guid":{"rendered":"https:\/\/deskplate.net\/blog\/2008\/11\/16\/linux-%e5%88%9d%e6%9c%9f%e8%a8%ad%e5%ae%9a%e3%81%aa%e3%81%a9\/"},"modified":"2008-11-16T17:08:19","modified_gmt":"2008-11-16T08:08:19","slug":"linux-%e5%88%9d%e6%9c%9f%e8%a8%ad%e5%ae%9a%e3%81%aa%e3%81%a9","status":"publish","type":"post","link":"https:\/\/deskplate.net\/blog\/archives\/228","title":{"rendered":"Linux \u521d\u671f\u8a2d\u5b9a\u306a\u3069"},"content":{"rendered":"

CentOS\u3000\u305f\u3076\u3093\u4ed6\u306e\u3067\u3082\u5171\u901a
\n\/etc\/ssh\/sshd_config\u7de8\u96c6
\nPermitRootLogin no
\nDenyUsers postgres mysql test apache
\nsetup \u30b3\u30de\u30f3\u30c9\u3067\u30b7\u30b9\u30c6\u30e0\u30b5\u30fc\u30d3\u30b9\u306e\u4f7f\u308f\u306a\u3044\u3068\u601d\u308f\u308c\u308b\u30b5\u30fc\u30d3\u30b9\u3092\u6b62\u3081\u308b
\niptables\u8a2d\u5b9a
\n\u30b3\u30de\u30f3\u30c9\u304c\u9762\u5012\u306a\u306e\u3067Webmin\u3092\u4f7f\u3048\u3070\u697d
\n\u3082\u3057\u304f\u306f\u30b7\u30a7\u30eb\u3092\u4f5c\u3063\u3066\u304a\u304f
\n\u4f8b\uff09
\n#clear
\n\/sbin\/iptables -F
\n\/sbin\/iptables -X
\n#policy
\n\/sbin\/iptables -P INPUT DROP
\n\/sbin\/iptables -P FORWARD DROP
\n\/sbin\/iptables -P OUTPUT ACCEPT
\n\/sbin\/iptables -A INPUT -p icmp -j ACCEPT
\n\/sbin\/iptables -A INPUT -i lo -j ACCEPT
\n#http
\n\/sbin\/iptables -A INPUT -p tcp –dport 80 -j ACCEPT
\n#\/sbin\/iptables -A INPUT -s 192.168.1.1\/24 -p tcp –dport 80 -j ACCEPT
\n#\/sbin\/iptables -A INPUT -p tcp –dport 8080 -j ACCEPT
\n#ftp
\n\/sbin\/iptables -A INPUT -s 192.168.1.1\/24 -p tcp –dport 21 -j ACCEPT
\n#ssh
\n\/sbin\/iptables -A INPUT -s 192.168.1.1\/24 -p tcp –dport 22 -j ACCEPT
\n#postgresql
\n\/sbin\/iptables -A INPUT -s 192.168.1.1\/24 -p tcp –dport 5432 -j ACCEPT
\n#webmin
\n\/sbin\/iptables -A INPUT -s 192.168.1.1\/24 -p tcp –dport 10000 -j ACCEPT
\n\/sbin\/iptables -A INPUT -p tcp –dport 53 -j ACCEPT
\n\/sbin\/iptables -A OUTPUT -p tcp –dport 53 -j ACCEPT
\n\/sbin\/iptables -A INPUT -p tcp –dport 25 -j ACCEPT
\n\/sbin\/iptables -A OUTPUT -p tcp –dport 25 -j ACCEPT
\n\/sbin\/iptables -A INPUT -p tcp –dport 110 -j ACCEPT
\n\/sbin\/iptables -A OUTPUT -p tcp –dport 110 -j ACCEPT
\n\/sbin\/iptables -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
\n#save
\n\/etc\/init.d\/iptables save
\n#restart
\n\/etc\/init.d\/iptables restart<\/p>\n","protected":false},"excerpt":{"rendered":"

CentOS\u3000\u305f\u3076\u3093\u4ed6\u306e\u3067\u3082\u5171\u901a \/et<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-228","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/deskplate.net\/blog\/wp-json\/wp\/v2\/posts\/228","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/deskplate.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/deskplate.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/deskplate.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/deskplate.net\/blog\/wp-json\/wp\/v2\/comments?post=228"}],"version-history":[{"count":0,"href":"https:\/\/deskplate.net\/blog\/wp-json\/wp\/v2\/posts\/228\/revisions"}],"wp:attachment":[{"href":"https:\/\/deskplate.net\/blog\/wp-json\/wp\/v2\/media?parent=228"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/deskplate.net\/blog\/wp-json\/wp\/v2\/categories?post=228"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/deskplate.net\/blog\/wp-json\/wp\/v2\/tags?post=228"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}