1)隐藏系统版本信息
>/etc/issue
> /etc/issue.net


2)更改yum源为国内的yum源
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo


3)设置字符为英文字符
echo "LANG=en_US.UTF-8" >/etc/locale.conf
echo "export LC_ALL=C" >>/etc/bashrc
source /etc/bashrc


4)关闭selinux
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
setenforce 0


5)关闭iptables
systemctl stop firewalld

systemctl disable firewalld.service


6)设置命令行历史记录保存个数
echo "export HISTSIZE=10"  >>/etc/bashrc
source /etc/bashrc


7)设置命令行历史记录文件中保存的个数
echo "export HISTFILESIZE=10" >>/etc/bashrc
source /etc/bashrc


8)命令行历史记录中不保存以空格开头的记录
echo "export HISTCONTROL=ignorespace" >>/etc/bashrc
source /etc/bashrc


9)为rm命令设置别名
echo "alias rm='Do not use rm command'" >>/etc/bashrc
source /etc/bashrc


10)加大文件描述符
cat >>/etc/security/limits.conf <<EOF
* soft nproc 65535
* hard nproc 65535
* soft nofile 65535
* hard nofile 65535
* soft stack 65535
* soft stack 65535
EOF

echo "* - proc 65535" > /etc/security/limits.d/20-nproc.conf


11)锁定/etc/passwd /etc/shadow /etc/group /etc/gshadow文件
chattr +i /etc/passwd /etc/shadow /etc/group /etc/gshadow
lsattr /etc/passwd /etc/shadow /etc/group /etc/gshadow