Linux Today: Linux News On Internet Time.

Security Portal: Securing your root account with Linux

Jun 07, 1999, 02:30 (1 Talkback[s])
(Other stories by Security Portal)

"To secure root, let's start with the password. Passwords need to be impossible to guess and must not be a simple word found in the dictionary."

"An excellent system compliment to difficult to guess passwords is setting up shadow passwords."

"Attacking the passwd file is one way to get root's password, another way to do it is by using a protocol analyzer to capture the password in network packets. Many applications, such as telnet and ftp, send the password across the network in clear text."

"As important as securing the root account's password is limiting those who have access to it..."

"In some cases, a better option for granting root level access than the su utility is sudo."

Complete story.