Will be useful: apt-get -y update && apt-get -y upgrade
Do not use “ssh-copy-id”, clear ~/.ssh/authorized_keys
echo «» > ~/.ssh/authorized_keys ; chattr +i ~/.ssh/authorized_keys
Disable authorization logging:
Comment line «auth,authpriv.* -/var/log/auth.log» in /etc/rsyslog.conf
On Centos: authpriv.* /var/log/secure — on Centos
grep -nr «auth.log» /etc/
>/var/log/auth.log
(>/var/log/secure on centos)
chattr +i /var/log/secure
service rsyslog restart
touch ~/.hushlogin # disable Welcome Message
1 | chattr +i ~/.hushlogin |
— to prevent deletion
change SSH daemon default port: vim /etc/ssh/sshd_config — Port 22
service ssh restart
(service sshd restart — centos)
set +o history; history -c ; echo "set +o history" >> ~/.bashrc ; rm ~/.bash_history
# Prevent to save commands in bash history
rm /var/log/wtmp # disable “last” command
rm /var/log/apache2/*log* # remove Apache logs
cd /etc/apache2/
for i in `grep -lnr "CustomLog " /etc/apache2/*`; do vim "$i"; done
# find all config files
then open each file (vim filename ++LINE_NUMBER) and replace all lines starts with “CustomLog ” to: CustomLog /dev/null combined
Repeat for ErrorLog
for i in `grep -lnr "ErrorLog " /etc/apache2/*`; do vim "$i"; done
replace with: ErrorLog /dev/null
Also, find “ErrorLog” in apache2.conf and replace with:
CustomLog /dev/null combined
ErrorLog /dev/null
apachectl restart