With the development and improvement of Linux operating system, Linux operating system of carrying the server be widely used in mittelstand. But the security strategy of many Linux system servers is not perfect. In order to meet the requirement of national information security level protection, protect the safe and stable operation of the enterprise information system, as the basis of evaluation requirements to Information Security Level Protection, the paper proposed to the the specific operation method of Linux system server security assessment, respectively from the different aspects such as peer-entity authentication, access control, safety audit, intrusion prevention and malicious code to prevent and resource control, according to instruction cat, check related instructions configuration of system file, as the basis of this configuration results compare with the specific evaluation requirements of the information security level protection to meet the requirements, and also proposes strengthening security strategy method of Linux server.%随着Linux操作系统的发展与完善,不少中小企业用户开始使用搭载Linux操作系统的服务器,但是很多Linux系统服务器安全策略并不完善.为满足国家信息安全等级保护的要求,保护企业信息系统的安全稳定运行,以信息安全等级保护测评的要求为依据,本文提出对Linux系统服务器安全测评的具体操作方法,分别从身份鉴别、访问控制、安全审计、入侵防范与恶意代码防范、资源控制等不同方面依据cat等指令检查系统文件的相关配置,依此配置结果与信息安全等级保护的具体要求做比较以满足测评要求,并提出加强Linux服务器安全策略的方法.
展开▼