Topics

Configuring vsFTPd on CentOS with different port

Configuring vsFTPd on CentOS with different port

Check Installing CentOS 6.2 on VMware post.

– make sure SELINUX is disabled and iptables is configured for FTP

– add ftp user

adduser ftpuser -g ftp -s /sbin/nologin -d /server
#set password
passwd ftpuser

– configuration, more info

synchronize clock on CentOS server

Check Installing CentOS 6.2 on VMware post.

chkconfig --levels 235 ntpd on
/etc/init.d/ntpd restart
ntpdate 0.pool.ntp.org

– using dateconfig

yum groupinstall 'X Window System'
dateconfig

disable root login

Check Installing CentOS 6.2 on VMware post.

This should make the server more secure, review creating admin users post

– this will disable logging in ssh as root

vi /etc/ssh/sshd_config 
#add
PermitRootLogin no
#restart ssh
/etc/init.d/sshd restart

Adding new users and admins to Linux server

Check Installing CentOS 6.2 on VMware post.

Using admin user avoids common mistakes done when logging as root, instead use sudo to run root commands.

mkdir /server

#adding web-server user www
adduser www -d /server -s /sbin/nologin

#adding admins group to use instead of root
groupadd admins
visudo
#add
%admins ALL=(ALL)       NOPASSWD: ALL

#add new admin 
adduser admin -g admins
#set password
passwd admin

#add email for user admin
vi /etc/aliases
#add
admin: admin@example.com
#rebuild data
newaliases

Disabling unneeded services on CentOS

Check Installing CentOS 6.2 on VMware post.

More information about each service can be found here

chkconfig setroubleshoot --levels 345 off;service setroubleshoot stop
chkconfig portmap --levels 345 off;service portmap stop
chkconfig rpcidmapd --levels 345 off;service rpcidmapd stop
chkconfig restorecond --levels 345 off;service restorecond stop
chkconfig pcscd --levels 345 off;service pcscd stop
chkconfig nfslock --levels 345 off;service nfslock stop
chkconfig nfs --levels 345 off;service nfs stop
chkconfig netfs --levels 345 off;service netfs stop
chkconfig mdmonitor --levels 345 off;service mdmonitor stop
chkconfig hidd --levels 345 off;service hidd stop
chkconfig cpuspeed --levels 345 off;service cpuspeed stop
chkconfig cups --levels 345 off;service cups stop
chkconfig cpuspeed --levels 345 off;service cpuspeed stop
chkconfig apmd --levels 345 off;service apmd stop
chkconfig autofs --levels 345 off;service autofs stop
chkconfig atd --levels 345 off;service atd stop
chkconfig apf --levels 345 off;service apf stop
chkconfig yum-updatesd  --levels 345 off;service yum-updatesd  stop

#disable apache if not needed
chkconfig httpd  --levels 345 off;service httpd  stop