19.9 Summary


Proper account administration is vital to keeping your computer secure. Be very careful about accounts without passwords: by definition, these accounts can be used by anyone who knows about them. Examine the default accounts that come with your computer: make sure that they cannot be used or, if they can be used, make sure that their passwords have been changed.

Do not set up group accounts, that is, a single account that is used by more than one person. Group accounts diffuse accountability, which invariably makes some people act with less responsibility. (Plato observed this correlation more than 2,000 years ago when he wrote The Republic.)

You can place restrictions on accounts using either the chroot() or jail() system calls. You can also protect the superuser account by using SUID programs and other tools so that people do not need to be told the superuser password to get their work done.

Even in this day of biometrics and sophisticated security tokens, passwords remain the primary defense for many Unix installations. Make sure that your users do not employ passwords that are easily guessed. Use tools to detect account misuse or password abuse; if you lack these tools, then use password aging to assure that passwords will change over time. Finally, crack your own passwords: your enemies are certainly doing so.
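The account checks recommended above can be automated. The following is an added example, not code from the book: it audits constructed sample data for passwordless accounts, default accounts that still accept a password, and accounts without password aging. It assumes Linux-style `/etc/passwd` and `/etc/shadow` field layouts and that UIDs 1 through 999 are vendor-supplied accounts; the sample entries and the `SYSTEM_UID_MAX` threshold are assumptions.

```python
# Constructed sample data in /etc/passwd and /etc/shadow format (not from a real host).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
games:x:5:60:games:/usr/games:/bin/sh
guest:x:1001:1001:Guest:/home/guest:/bin/sh
alice:x:1002:1002:Alice:/home/alice:/bin/sh
"""
SAMPLE_SHADOW = """\
root:$6$CONSTRUCTED$hash:19000:0:90:7:::
daemon:*:19000:0:99999:7:::
games:$6$CONSTRUCTED$hash:19000:0:99999:7:::
guest::19000:0:99999:7:::
alice:$6$CONSTRUCTED$hash:19000:0:99999:7:::
"""

SYSTEM_UID_MAX = 999       # assumption: UIDs 1..999 are vendor/system accounts
NO_AGING = {"", "99999"}   # shadow max-age values that mean "never expires"

def audit(passwd_text, shadow_text):
    """Return sorted (user, finding) pairs for the checks named in the summary."""
    uids = {}
    for line in passwd_text.splitlines():
        f = line.split(":")
        if len(f) >= 7:
            uids[f[0]] = int(f[2])
    findings = []
    for line in shadow_text.splitlines():
        f = line.split(":")
        if len(f) < 5:
            continue  # malformed or truncated entry
        user, pw, max_days = f[0], f[1], f[4]
        if pw == "":
            findings.append((user, "no password"))
            continue
        if pw.startswith(("!", "*")):
            continue  # locked: the account cannot log in with a password
        uid = uids.get(user)
        # A hash cannot show whether a vendor password was changed, so flag for review.
        if uid is not None and 0 < uid <= SYSTEM_UID_MAX:
            findings.append((user, "default account has usable password"))
        if max_days in NO_AGING:
            findings.append((user, "no password aging"))
    return sorted(findings)

if __name__ == "__main__":
    for user, finding in audit(SAMPLE_PASSWD, SAMPLE_SHADOW):
        print(f"{user}: {finding}")
```

To audit a live system, pass the contents of the real files to `audit()`; reading `/etc/shadow` requires superuser privileges.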



Practical Unix & Internet Security, 3rd Edition
ISBN: 0596003234
EAN: 2147483647
Year: 2003
Pages: 265