Some Linux/Unix Security Guidelines

network-security-2

Unix security  is  a big world including Software  and  hardware, there is no  guaranties to  make your  Unix system safe,  but you can make it very difficult for  the Crackers en Hackers; in this quick guide will show  you  some  simple  steps  to protect  your  system.

 1- Take Care With Passwords:

Use good ones (motherhood statement)

Don’t Use Real Words

Make Sure They Are Not Easily Guessed

Use Combinations Of Upper and Lower Case, Numbers, Punctuation One Method: Take first letter of a sentence or book title, insert numbers and punctuation.

 2- Use Shadow Passwords:

 Allows encrypted passwords to be in a file that is not world readable

3- Use Password Aging:

Requires shadow passwords

4- Restrict Superuser Access:

Restrict where root can log in from

/etc/security restricts root access to devices listed Use wheel group to restrict who can su to root Put users who can su to root in wheel group in /etc/group file.

 5- Use groups to allow access to files that must be shared:

 Otherwise users will set world permission

6- Be careful with SUID and SGID

Avoid setting executables to SUID root

Wrap SUID root wrapper around programs if they must be run SUID root Create special accounts for programs that must run with higher permissions