Check status: systemctl status rsyslog
systemctl status auditd
Stop: systemctl stop auditd
View rules: cat /etc/audit/audit.rules
List running services: systemctl -a | grep running
service --status-all | grep running
Stop a service: systemctl stop <service name>
List installed packages: yum list installed
View default port numbers: netstat -ntlp
View hosts allowed to connect: cat /etc/hosts.allow
View hosts denied from connecting: cat /etc/hosts.deny
View the ports the firewall exposes externally: firewall-cmd --list-all
Disable remote root login (the PermitRootLogin entry): vim /etc/ssh/sshd_config
Check patch installation status on the Linux host: rpm -qa | grep patch
View important clues: grep refused /var/log/secure