cat /etc/passwd
cat /etc/shadow
cat /etc/login.defs
cat /etc/pam.d/system-auth
cat /etc/profile
ps -e | grep sshd
systemctl status telnet.socket
cat /etc/sudoers //查看用户权限
auditctl -s //是否开启审计模块
service rsyslog status和service auditd status
auditctl -l 、cat /etc/audit/audit.rules /是否配置审计规则
cd /var/log ls -l //查看审计文件权限
/etc/rsyslog.conf 查看日志是否外发
cat /etc/uname -a 、cat /etc/redhat-release 、cat \etc\issue \\查看版本
systemctl list-unit-files | grep enable \\查看正在运行的应用
netstat -an
cat /etc/ssh/sshd_config
systemctl status firewalld.service //防火墙是否运行
firewall-cmd --list-services //查看开放端口情况
firewall-cmd --list-rich-rules //查看限制规则
yum install -y iptables-services //安装iptables
systemctl start iptables //开启
systemctl stop iptables //关闭
systemctl status iptables //查看状态
iptables -L //列出规则
cp -a /etc/sysconfig/iptables /etc/sysconfig/iptables.bak //备份规则
查看 /etc/profile中HISTSIZE。 //记录历史命令条数
echo $HISTSIZE