Increases the system limit on open files
A process on Red Hat 6.0 with kernel 2.2.5 could open at least 31000 file descriptors this way and a process on kernel 2.2.12 can open at least 90000 file descriptors this way. The upper bound seems to be available memory. To increases the number of open files to 90000 for the root account do the following: (Далее…)
The “bdflush” parameters
The bdflush file is closely related to the operation of the virtual memory (VM) subsystem of the Linux kernel and has a little influence on disk usage. This file (/proc/sys/vm/bdflush) controls the operation of the bdflush kernel daemon. We generally tune this file to improve file system performance. By changing some values from the default as shown below, the system seems more responsive; e.g. it waits a little more to write to disk and thus avoids some disk access contention. (Далее…)
General System Optimization
Overview
At this stage of your configuration, you should now have a Linux server well configured and secured. Our server contains the most essential package and programs installed to be able to work properly and the most essential general security configuration. (Далее…)
Unusual or hidden files
It is important to not forget to look everywhere on the system for unusual or hidden files (files that start with a period and are normally not shown by the “Is” command), as these can be used to hide tools and information (password cracking programs, password files from other systems, etc.). A common technique on UNIX systems is to put a hidden directory or file in a user’s account with an unusual name, something like ‘…’ or’..’ (dot dot space) or ‘..AG’ (dot dot control-G). The “find” program can be used to look for hidden files. (Далее…)
The kernel tunable parameters
With the new version of Red Hat Linux 6.2 all kernel parameters available under the 7proc/sys” subdirectory of Linux can be configured at runtime. You can now use the new “/etc/sysctl.conf file under Red Hat Linux 6.2 to modify and set kernel parameters at runtime. The “sysctl.conf” file is read and loaded each time the system reboots. All settings are now stored in the “/etc/sysctl.conf file. All modifications to 7proc/sys” should be made through “/etc/sysctl.conf, because they are better for control, and are executed before “rc.local” or any other “users” scripts. Below, we show you the networking security options that you must configure on your server for Red Hat Linux version 6.1 and 6.2. (Далее…)