
================================================ start 1-1.ssh_root_deny.sh ================================================
/etc/ssh/sshd_config change PermitRootLogin option
#원격 루트 접속 제한
================================================ end 1-1.ssh_root_deny.sh ================================================

================================================ start 1-2.password_complexity.sh ================================================
PASS_MIN_LEN UNCOMMENTS IN /etc/pam.d/common-password
#common-password 주석 해제
PASS_MIN_LEN CHANGE  /etc/pam.d/ /etc/login.defs
#common-password PASS_MIN_LEN 8 설정 
install libpam-pwquality
#libpam-pwquality 패키지 설치
add minclass /etc/pam.d/common-password
MINCLASS /etc/apm.d/common-password에 삽입 후 3으로 설정
================================================ end 1-2.password_complexity.sh ================================================

================================================ start 1-3.password_threshold.sh ================================================
/etc/pam.d/common-password 에 5로 임계값 설정
change retry /etc/pam.d/common-password
add deny /etc/pam.d/common-password
/etc/pam.d/common-password 에 deny 설정
add retry /etc/pam.d/common-password
/etc/pam.d/common-password에 deny 설정
change retry /etc/pam.d/common-password
/etc/pam.d/common-password retry 사이즈 5로 설정
add retry /etc/pam.d/common-auth
/etc/pam.d/common-auth retry 설정
================================================ end 1-3.password_threshold.sh ================================================

================================================ start 1-4.passwd_protect.sh ================================================
================================================ end 1-4.passwd_protect.sh ================================================

auth requried pam_wheel.so debug=wheel in /etc/pam.d/su
================================================ start 1-7.password_minless.sh ================================================
PASS_MIN_LEN CHANGE  /etc/login.defs
================================================ end 1-7.password_minless.sh ================================================

================================================ start 1-8.password_max_term.sh ================================================
PASS_MAX_DAYS CHANGE  login.depfs
================================================ end 1-8.password_max_term.sh ================================================

================================================ start 1-9.passwword_min_term.sh ================================================
PASS_MIN_DAYS CHANGE  login.depfs
================================================ end 1-9.passwword_min_term.sh ================================================

================================================ start 1-10.unnecessary_user.sh ================================================
sync add comment in /etc/passwd file
games add comment in /etc/passwd file
lp add comment in /etc/passwd file
news add comment in /etc/passwd file
uucp add comment in /etc/passwd file
================================================ end 1-10.unnecessary_user.sh ================================================

PLEASE COMMUNICATE WITH CUSTOMER
================================================ start 1-14.user_shell.sh ================================================
================================================ end 1-14.user_shell.sh ================================================

================================================ start 1-15.session_timeout.sh ================================================
time out setting change in /etc/profile
================================================ end 1-15.session_timeout.sh ================================================

================================================ start 2-1.root_path.sh ================================================
================================================ end 2-1.root_path.sh ================================================

/var/lib/private/systemd/timesync
/var/lib/private/systemd/timesync/clock
/var/lib/private/systemd/timesync
/var/lib/private/systemd/timesync/clock
================================================ start 2-3.passwd_permission.sh ================================================
================================================ end 2-3.passwd_permission.sh ================================================

================================================ start 2-4.shadow_permission.sh ================================================
/etc/shadow Permission change
================================================ end 2-4.shadow_permission.sh ================================================

================================================ start 2-5.hosts_permission.sh ================================================
/etc/hosts Permission change
================================================ end 2-5.hosts_permission.sh ================================================

================================================ start 2-6.inetd_permission.sh ================================================
/etc/xinetd.conf OWNER change to root
================================================ end 2-6.inetd_permission.sh ================================================

================================================ start 2-7.rsyslog_permission.sh ================================================
================================================ end 2-7.rsyslog_permission.sh ================================================

================================================ start 2-8.service_permission.sh ================================================
================================================ end 2-8.service_permission.sh ================================================

================================================ start 2-9.sticky_check.sh ================================================
/usr/bin/newgrp is use Sticky bit
/usr/bin/newgrp remove Sticky bit
/sbin/unix_chkpwd is use Sticky bit
/sbin/unix_chkpwd remove Sticky bit
/usr/bin/at is use Sticky bit
/usr/bin/at remove Sticky bit
================================================ end 2-9.sticky_check.sh ================================================

================================================ start 2-9.sticky_check_list.txt ================================================
================================================ start 1-1.ssh_root_deny.sh ================================================
================================================ end 1-1.ssh_root_deny.sh ================================================

================================================ start 1-2.password_complexity.sh ================================================
================================================ end 1-2.password_complexity.sh ================================================

================================================ start 1-3.password_threshold.sh ================================================
================================================ end 1-3.password_threshold.sh ================================================

================================================ start 1-4.passwd_protect.sh ================================================
================================================ end 1-4.passwd_protect.sh ================================================

================================================ start 1-7.password_minless.sh ================================================
================================================ end 1-7.password_minless.sh ================================================

================================================ start 1-8.password_max_term.sh ================================================
================================================ end 1-8.password_max_term.sh ================================================

================================================ start 1-9.passwword_min_term.sh ================================================
================================================ end 1-9.passwword_min_term.sh ================================================

================================================ start 1-10.unnecessary_user.sh ================================================
================================================ end 1-10.unnecessary_user.sh ================================================

PLEASE COMMUNICATE WITH CUSTOMER
================================================ start 1-14.user_shell.sh ================================================
================================================ end 1-14.user_shell.sh ================================================

================================================ start 1-15.session_timeout.sh ================================================
================================================ end 1-15.session_timeout.sh ================================================

================================================ start 2-1.root_path.sh ================================================
================================================ end 2-1.root_path.sh ================================================

/var/lib/private/systemd/timesync
/var/lib/private/systemd/timesync/clock
/var/lib/private/systemd/timesync
/var/lib/private/systemd/timesync/clock
================================================ start 2-3.passwd_permission.sh ================================================
================================================ end 2-3.passwd_permission.sh ================================================

================================================ start 2-4.shadow_permission.sh ================================================
================================================ end 2-4.shadow_permission.sh ================================================

================================================ start 2-5.hosts_permission.sh ================================================
================================================ end 2-5.hosts_permission.sh ================================================

================================================ start 2-6.inetd_permission.sh ================================================
/etc/xinetd.conf OWNER change to root
================================================ end 2-6.inetd_permission.sh ================================================

================================================ start 2-7.rsyslog_permission.sh ================================================
================================================ end 2-7.rsyslog_permission.sh ================================================

================================================ start 2-8.service_permission.sh ================================================
================================================ end 2-8.service_permission.sh ================================================

================================================ start 2-9.sticky_check.sh ================================================
================================================ end 2-9.sticky_check.sh ================================================

================================================ start 2-9.sticky_check_list.txt ================================================
================================================ start 1-1.ssh_root_deny.sh ================================================
================================================ end 1-1.ssh_root_deny.sh ================================================

================================================ start 1-2.password_complexity.sh ================================================
================================================ end 1-2.password_complexity.sh ================================================

================================================ start 1-3.password_threshold.sh ================================================
================================================ end 1-3.password_threshold.sh ================================================

================================================ start 1-4.passwd_protect.sh ================================================
================================================ end 1-4.passwd_protect.sh ================================================

================================================ start 1-7.password_minless.sh ================================================
================================================ end 1-7.password_minless.sh ================================================

================================================ start 1-8.password_max_term.sh ================================================
================================================ end 1-8.password_max_term.sh ================================================

================================================ start 1-9.passwword_min_term.sh ================================================
================================================ end 1-9.passwword_min_term.sh ================================================

================================================ start 1-10.unnecessary_user.sh ================================================
================================================ end 1-10.unnecessary_user.sh ================================================

PLEASE COMMUNICATE WITH CUSTOMER
================================================ start 1-14.user_shell.sh ================================================
================================================ end 1-14.user_shell.sh ================================================

================================================ start 1-15.session_timeout.sh ================================================
================================================ end 1-15.session_timeout.sh ================================================

================================================ start 2-1.root_path.sh ================================================
================================================ end 2-1.root_path.sh ================================================

/var/lib/private/systemd/timesync
/var/lib/private/systemd/timesync/clock
/var/lib/private/systemd/timesync
/var/lib/private/systemd/timesync/clock
================================================ start 2-3.passwd_permission.sh ================================================
================================================ end 2-3.passwd_permission.sh ================================================

================================================ start 2-4.shadow_permission.sh ================================================
================================================ end 2-4.shadow_permission.sh ================================================

================================================ start 2-5.hosts_permission.sh ================================================
================================================ end 2-5.hosts_permission.sh ================================================

================================================ start 2-6.inetd_permission.sh ================================================
/etc/xinetd.conf OWNER change to root
================================================ end 2-6.inetd_permission.sh ================================================

================================================ start 2-7.rsyslog_permission.sh ================================================
================================================ end 2-7.rsyslog_permission.sh ================================================

================================================ start 2-8.service_permission.sh ================================================
================================================ end 2-8.service_permission.sh ================================================

================================================ start 2-9.sticky_check.sh ================================================
================================================ end 2-9.sticky_check.sh ================================================

================================================ start 2-9.sticky_check_list.txt ================================================
