[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security measures...



On Thu, Feb 10, 2000 at 05:11:58PM -0000, Foz wrote:
> Hi,
> 	Now I have SuSE 6.3 up and running, the best measure to take 
> for security. I am now letting other people use my machine 
> (multiple accounts for regular users and a default guest account for 
> everyone else), and I don't want to come back with either no linux 
> left or root passwords changed or anything like that.

	Do you have shadow passwords installed? I don't know whether
SuSE installs that by default, but most other distros do (or they give
you an option to do so). See if you have /etc/shadow (only to be read by
the superuser).

	
> Any suggestions? Also if they are in the console, the halt 
> command would be nice for users to get access to...

	Usually, they can just press ctrl+alt+del to reset and then
switch off.

> I have the BIOS password set, a decent root password (every two 
> weeks gets changed) Am I missing anything else? I have seen a 

	Make sure the machine doesn't boot off floppies or make sure it
doesn't boot any other "lesser" operating systems. Also check to see
whether your master boot record allows you to boot up from a floppy.

> utility that returns the passwords fom the password file on UNIX 
> systems - um... does this apply for Linux too?

	See above re shadow passwords.

	Oh well, and usual rumblings about stopping all services you
will not be using (if you aren't running a web server, do not have
apache running about), limit outside network entry (by installing ssh,
say)... Read the security HOWTO.... :))

	Regards,
	José
-- 
José L Gómez Dans			PhD student
					Radar & Communications Group
					Department of Electronic Engineering
					University of Sheffield UK
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.