151.sleep 1
152.###############################
153.cat >> /etc/sysctl.conf << endf //優化內核參數調整
154.#michaelkang add 120724
155.net.ipv4.tcp_abort_on_overflow = 1
156.net.ipv4.tcp_syncookies = 1
157.net.ipv4.tcp_tw_reuse = 1
158.net.ipv4.tcp_tw_recycle = 1
159.net.ipv4.tcp_fin_timeout = 20
160.net.ipv4.tcp_retries1 = 2
161.net.ipv4.tcp_retries2 = 5
162.net.ipv4.tcp_max_orphans = 2000
163.net.ipv4.tcp_keepalive_time = 1200
164.net.ipv4.tcp_keepalive_intvl = 15
165.net.ipv4.tcp_keepalive_probes = 5
166.net.ipv4.tcp_syn_retries = 2
167.net.ipv4.tcp_synack_retries = 3
168.net.ipv4.tcp_max_syn_backlog = 8192
169.net.ipv4.tcp_max_tw_buckets = 5000
170.endf
171.sysctl -p
172.echo "Adjust the kernel parameters!......................OK!"
173.sleep 1
174.#############################################
175.for I in `ls /etc/rc3.d/S*` //關閉系統不需要的服務,其中S打頭的都是正在運行的服務,K打頭的是沒有運行的服務.
176.do
177. STOP_SRV=`echo $I|cut -c 15-` //過濾服務名稱,從15個字符往後.
178. echo $STOP_SRV
179. case $STOP_SRV in
180. local | cpuspeed | crond | irqbalance | microcode_ctl | xinetd | network | mon | partmon | messagebus| udev-post | sshd | rsyslog | syslog )
181. echo "Base services, Skip!"
182. ;;
183. *)
184. echo "change $STOP_SRV to off"
185. chkconfig --level 235 $STOP_SRV off
186. service $STOP_SRV stop
187. ;;
188. esac
189.done
190.echo "Close useless services.........................ok"
191.sleep 1
192.############################################## //系統一些安全密碼文件加鎖,不允許修改創建
193.chattr +i /etc/passwd
194.chattr +i /etc/shadow
195.chattr +i /etc/group
196.chattr +i /etc/gshadow
197.chattr +a /root/.bash_history //root執行命令數據只運行添加
198.sed -i "s/HISTSIZE=1000/HISTSIZE=10/" /etc/profile //設置使用history命令只能查看10條命令
199.echo "The passwd shadow group gshadow is locked,if you use them,please use chattr -i!..............ok"
200.sleep 1
201.##############################################
202.cat >> /etc/hosts.allow << ENDF //設置運行遠程使用ssh登錄的網段
203.sshd:192.168.100.0/255.255.255.0
204.ENDF
205.echo 'sshd:all' >>/etc/hosts.deny
206.echo "Allowd 192.168.100.0 to use ssh................ok "
207.############################################ //設置默認創建用戶密碼最大存活天數以及密碼長度
208.sed -i -e "s/PASS_MAX_DAYS.*$/PASS_MAX_DAYS 90/" -e "s/PASS_MIN_LEN.*$/PASS_MIN_LEN 8/" /etc/login.defs
209.echo "###################The script is stop!!####################"
自動化5
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章
ajax請求方式
qq5a2902d647d79
2019-02-22 19:49:44
Oracle 11.2.0.4 For Linux 64bit+32bit 11Gu4數據庫介質百度雲
gexing32123
2019-02-22 19:29:09
iOS 如何在一個應用程序中調用另一個應用程序
xiaobo0134
2019-02-22 17:52:28
網址
zhujiangtao123
2019-02-22 17:46:11