Some Linux/Unix Security Guidelines
Unix security is a big world including Software and hardware, there is no guaranties to make your Unix system safe, but you can make it very difficult for the Crackers en Hackers; in this quick guide will show you some simple steps to protect your system.
1- Take Care With Passwords:
Use good ones (motherhood statement)
Don’t Use Real Words
Make Sure They Are Not Easily Guessed
Use Combinations Of Upper and Lower Case, Numbers, Punctuation One Method: Take first letter of a sentence or book title, insert numbers and punctuation.
2- Use Shadow Passwords:
Allows encrypted passwords to be in a file that is not world readable
3- Use Password Aging:
Requires shadow passwords
4- Restrict Superuser Access:
Restrict where root can log in from
/etc/security restricts root access to devices listed Use wheel group to restrict who can su to root Put users who can su to root in wheel group in /etc/group file.
5- Use groups to allow access to files that must be shared:
Otherwise users will set world permission
6- Be careful with SUID and SGID
Avoid setting executables to SUID root
Wrap SUID root wrapper around programs if they must be run SUID root Create special accounts for programs that must run with higher permissions