기존 사용자 계정을 모니터링하여 불필요한 사용자 계정이 제거되었는지 확인해야 합니다.

프로시저

  • host:~ # cat /etc/passwd 명령을 실행하고 필요한 최소 사용자 계정을 확인합니다.
    root:x:0:0:root:/root:/bin/bash
    bin:x:1:1:bin:/dev/null:/bin/false
    daemon:x:6:6:Daemon User:/dev/null:/bin/false
    messagebus:x:18:18:D-Bus Message Daemon User:/var/run/dbus:/bin/false
    systemd-bus-proxy:x:72:72:systemd Bus Proxy:/:/bin/false
    systemd-journal-gateway:x:73:73:systemd Journal Gateway:/:/bin/false
    systemd-journal-remote:x:74:74:systemd Journal Remote:/:/bin/false
    systemd-journal-upload:x:75:75:systemd Journal Upload:/:/bin/false
    systemd-network:x:76:76:systemd Network Management:/:/bin/false
    systemd-resolve:x:77:77:systemd Resolver:/:/bin/false
    systemd-timesync:x:78:78:systemd Time Synchronization:/:/bin/false
    nobody:x:65534:65533:Unprivileged User:/dev/null:/bin/false
    apache:x:25:25:Apache Server:/srv/www:/bin/false
    sshd:x:50:50:sshd PrivSep:/var/lib/sshd:/bin/false
    ntp:x:87:87:Network Time Protocol:/var/lib/ntp:/bin/false
    named:x:999:999::/var/lib/bind:/bin/false
    admin:x:1000:1003::/home/admin:/bin/bash
    postgres:x:1001:100::/var/vmware/vpostgres/14:/bin/bash
    mpuser:x:1002:1003::/home/mpuser:/sbin/nologin