151.sleep 1
152.###############################
153.cat >> /etc/sysctl.conf << endf //优化内核参数调整
154.#michaelkang add 120724
155.net.ipv4.tcp_abort_on_overflow = 1
156.net.ipv4.tcp_syncookies = 1
157.net.ipv4.tcp_tw_reuse = 1
158.net.ipv4.tcp_tw_recycle = 1
159.net.ipv4.tcp_fin_timeout = 20
160.net.ipv4.tcp_retries1 = 2
161.net.ipv4.tcp_retries2 = 5
162.net.ipv4.tcp_max_orphans = 2000
163.net.ipv4.tcp_keepalive_time = 1200
164.net.ipv4.tcp_keepalive_intvl = 15
165.net.ipv4.tcp_keepalive_probes = 5
166.net.ipv4.tcp_syn_retries = 2
167.net.ipv4.tcp_synack_retries = 3
168.net.ipv4.tcp_max_syn_backlog = 8192
169.net.ipv4.tcp_max_tw_buckets = 5000
170.endf
171.sysctl -p
172.echo "Adjust the kernel parameters!......................OK!"
173.sleep 1
174.#############################################
175.for I in `ls /etc/rc3.d/S*` //关闭系统不需要的服务,其中S打头的都是正在运行的服务,K打头的是没有运行的服务.
176.do
177. STOP_SRV=`echo $I|cut -c 15-` //过滤服务名称,从15个字符往后.
178. echo $STOP_SRV
179. case $STOP_SRV in
180. local | cpuspeed | crond | irqbalance | microcode_ctl | xinetd | network | mon | partmon | messagebus| udev-post | sshd | rsyslog | syslog )
181. echo "Base services, Skip!"
182. ;;
183. *)
184. echo "change $STOP_SRV to off"
185. chkconfig --level 235 $STOP_SRV off
186. service $STOP_SRV stop
187. ;;
188. esac
189.done
190.echo "Close useless services.........................ok"
191.sleep 1
192.############################################## //系统一些安全密码文件加锁,不允许修改创建
193.chattr +i /etc/passwd
194.chattr +i /etc/shadow
195.chattr +i /etc/group
196.chattr +i /etc/gshadow
197.chattr +a /root/.bash_history //root执行命令数据只运行添加
198.sed -i "s/HISTSIZE=1000/HISTSIZE=10/" /etc/profile //设置使用history命令只能查看10条命令
199.echo "The passwd shadow group gshadow is locked,if you use them,please use chattr -i!..............ok"
200.sleep 1
201.##############################################
202.cat >> /etc/hosts.allow << ENDF //设置运行远程使用ssh登录的网段
203.sshd:192.168.100.0/255.255.255.0
204.ENDF
205.echo 'sshd:all' >>/etc/hosts.deny
206.echo "Allowd 192.168.100.0 to use ssh................ok "
207.############################################ //设置默认创建用户密码最大存活天数以及密码长度
208.sed -i -e "s/PASS_MAX_DAYS.*$/PASS_MAX_DAYS 90/" -e "s/PASS_MIN_LEN.*$/PASS_MIN_LEN 8/" /etc/login.defs
209.echo "###################The script is stop!!####################"
自动化5
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章
ajax请求方式
qq5a2902d647d79
2019-02-22 19:49:44
Oracle 11.2.0.4 For Linux 64bit+32bit 11Gu4数据库介质百度云
gexing32123
2019-02-22 19:29:09
iOS 如何在一个应用程序中调用另一个应用程序
xiaobo0134
2019-02-22 17:52:28
网址
zhujiangtao123
2019-02-22 17:46:11