Professional Documents
Culture Documents
TCP Wrapper Solaris
TCP Wrapper Solaris
1. Securing user
2. Securing Logins and Passwords
3. Controlling Access to Files
4. TCP Wrappers on Solaris
1. Securing user
•
Các Account mặc định của hệ thống
•
Rà soát account
• userdel –r tên_user
• /etc/default/passwd
• Displaying users without passwords
• Monitoring failed login attempts
• Monitoring all failed login attempts
• Monitoring All Failed SSH Login Attempts
• Monitoring who is using the su command
• Set Account Locking for Regular Users
/etc/default/passwd File
/etc/default/passwd File
• MAXWEEKS: Sets the maximum time period (in weeks) that the password
is valid
• MINWEEKS: Sets the minimum time period before the password can be
changed
• PASSLENGTH: Sets the minimum number of characters for a password.
Valid entries are 6, 7, and 8.
• WARNWEEKS (not shown): Sets the time period before a password’s
expiration to warn
the user that the password will expire
Note: The WARNWEEKS value does not exist by default in the
/etc/default/passwd file, but it can be added
/etc/default/passwd File
# ls -l /usr/bin/su
-r-sr-xr-x 1 root sys 22292 Jan 15 17:49 /usr/bin/su
octal value 4###
# ls -l /usr/bin/write
-r-xr-sr-x 1 root tty 11484 Jan 15 17:55 /usr/bin/write
sshd:10.151.197.151 - 10.151.197.176
in.telnetd:10.151.197.151 - 10.151.197.176
ftpd:10.151.197.151 - 10.151.197.176