Harden bash_history and bash configuration files

 

Harden bash_history and bash configuration files by making them append-only:

chattr +a /home/user/.bash_history
chattr +a /home/user/.bash_profile
chattr +a /home/user/.bash_login
chattr +a /home/user/.profile
chattr +a /home/user/.bash_logout
chattr +a /home/user/.bashrc

Harden env variables by adding the following lines to /home/user/.bashrc:

shopt -s histappend
readonly PROMPT_COMMAND="history -a"
readonly HISTFILE
readonly HISTFILESIZE
readonly HISTSIZE
readonly HISTCMD
readonly HISTCONTROL
readonly HISTIGNORE

histappend tells bash to append the last $HISTSIZE lines to the $HISTFILE file when an interactive shell exits. PROMPT_COMMAND executes the given command prior to issuing each prompt. history -a appends the command typed just before the current one to $HISTFILE.

Disable access to other shells:

chmod 750 csh
chmod 750 tcsh
chmod 750 ksh

 

 

-
Marcadores: , ,

Criando partição com parted

  parted  /dev/sdb (parted) select /dev/sdb (parted) print   CRIANDO UMA PARTIÇÃO NO DISCO SELECIONADO (/dev/sdb) Passo 1: Primeiramente...

Mais vistos

  • JKS and Openssl commands
    Java Keytool Command These commands allow you to generate a new Java Keytool keystore file, create a CSR, and import certificates. A...
  • Kaspersky Security Center WSUS Files Storage Location
     Kaspersky seems to be storing windows update files on the C Drive: Here -> C:\ProgramData\KasperskyLab\adminkit\1093\.working Change fo...
  • DFSR clean Staging folder
     This particular error is generally experienced when people attempt a non NTFS volume such as ReFS to a DFSR replication group as documented...