Announcement

Collapse
No announcement yet.

How to secure wget and lynx binary

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to secure wget and lynx binary

    The wget/lynx binary is basically used to fetch the content from the remote/external urls and its used to hack the server therefore its better to disable the wget and lynx binary server wide and enable it for specific users, if its required by the script hosted by specific users only else leave it disable to secure the server.

    First check the wget and lynx binary path by using the command.

    [email protected][~]# which wget lynx
    /usr/bin/wget
    /usr/bin/lynx



    The above command provides the wget and binary binary path respectively.

    /usr/bin/wget
    /usr/bin/lynx

    Now add the new group which is actually used to enable wget and lynx binary for the specific users only.

    groupadd wget lynx

    Now change the group for the wget and lynx binary.

    chgrp wget /usr/bin/wget
    chgrp lynx /usr/bin/lynx


    Disable the wget and lynx binary.

    chmod 710 /usr/bin/wget
    chmod 710 /usr/bin/lynx


    To assign the wget and lynx binary to the specific user refer to the following command.

    usermod (options) user-name

    For example, we want to enable the wget binary to the test123 user and lynx binary to support123 user than use the following commands.

    usermod -G wget test123
    usermod -G lynx support123


    Similarly we can disable the other server side binaries which you want to secure from the hackers.
    Regards
    George
Working...
X