“To secure root, let’s start with the password. Passwords need
to be impossible to guess and must not be a simple word found in
the dictionary.”
“An excellent system complement to difficult-to-guess passwords
is setting up shadow passwords.”
“Attacking the passwd file is one way to get root’s password;
another way to do it is by using a protocol analyzer to capture the
password in network packets. Many applications, such as telnet and
ftp, send the password across the network in clear text.”
“As important as securing the root account’s password is
limiting those who have access to it…”
“In some cases, a better option for granting root-level access
than the su utility is sudo.”