Password aging forces the user to change passwords after a system administrator-specified period of time. Password aging can also force a user to keep a password for a certain number of weeks before changing it. Sample entry from /etc/passwd with password aging installed: will:5fg63fhD3d,M.z8:9406:12:Will Spencer:/home/will:/bin/bash Note the comma in the encrypted password field. The characters after the comma are used by the password aging mechanism. The password aging characters from above example are: M.z8 The four characters are interpreted as follows: 1 Maximum number of weeks a password can be Read More
Pluggable Authentication Modules
A Pluggable Authentication Module, or PAM, is a software implementation that allows administrators to significantly change how users log into a server by running a PAM on the server itself. PAMs are used to provide authentication of users as well as perform any tasks that are associated with initializing or terminating the session, such as logging a user into the server, displaying a personalized webpage, and logging the user out of the server when he/she is finished. How Pluggable Authentication Modules Work PAMs can be embedded into existing servers Read More
Sudo
`Sudo` is an enhanced alternative to the Unix `su` command. Sudo stands for “su do,” and means “do something as the supervisor.” Sudo’s Capabilities Sudo allows system administrators to control who can run some (or all) commands as root. This ability to restrict users can be configured on a per-host basis, and is a much more flexible way of controlling what commands a user may perform. Sudo allows users to perform certain, selected commands as if they were the UNIX root account, but because Sudo is customizable to give selective Read More
Linux Restricted Shell
The idea of a restricted shell first arose in the Unix operating system in order to prevent the end-user from doing as many operations as a normal shell allows. A restricted shell lets the administrator control the end-user’s computing environment by only permitting explicitly used commands to be used. The Linux restricted shell (rssh) is similar, but only a minimum command set is enabled for the end-user. When installed, the default configuration is to remove all access and capabilities until the configuration file is modified by the admin. In the Read More
How to Uninstall Ubuntu
Most often, when uninstalling Ubuntu–the most widely used version of Linux–what the person is done is replacing it with Windows. Therefore, to uninstall Ubuntu and therefore replace it with Windows, one must format the partition during the installation of Windows. This way, the space that was once Ubuntu goes to the Windows’ needs. When this is done, the Ubuntu is removed and, in its place, Windows appears on the hard drive. However, as more people begin to get comfortable with Linux, what is seen is a case of double booting. Read More
Configuring Linux DHCP Server
Configuring Linux DHCP Server Overview of Linux DHCP DHCP basically stand for the dynamic host configuration protocol. In other words you can say it describes that how your computer is attached with networks.. Assigning an IP address dynamically is basic task assigned to DHCP along domain name, name server, gateway, host name and net mask. DHCP can provide the other information like time server etc and has capability to save your lots configuration work in your organization and company as well. The Linux DHCP performs like this as mentioned above Read More
How to Setup a Linux File Server
One way that a small business that requires a file server can save thousands of dollars per year is to set up a Linux file server. Linux is an open source software platform that, in many ways, is just as good as or better than other types of platforms including Microsoft and Sun. Small businesses and enterprises that require a file server can save immensely on the costs related to maintenance, support, licensing fees, and application costs associated with commercial servers. Switching to an open source file server such as Read More
How to Use vi
The vi editor (visual editor) is one of the oldest and more popular text editors on computers running the Unix Operating System (OS). The vi editor can be used from any computer terminal interfacing with a computer running Unix, since the editor relies on the standard alphabet keys for specific commands. Since vi is not a WYSIWYG (What You See is What You Get) text editor, it does not provide the formatting capabilities word processors do for paragraph indentations, font, and line centering. New vi users need to learn the Read More
How to Change an IP Address on Solaris
To change an IP address on a Solaris system immediately, use the `ifconfig` command. The syntax for `ifconfig` is: ifconfig <interface> <ip address> <netmask> <broadcast address> If the user does not know his/her network interface names, he/she should use the `ifconfig -a` command to list all of the available network interfaces. Permanently Change an IP Address on Solaris To make this change permanent, users need to edit one or more Solaris configuration files. If they do not, then their IP address will change back to the old address the next Read More
Security Problems with SUID Scripts and Programs
There are many methods which have been used to gain root priviledges from a Unix SUID (Set User ID) script or program. It is the task of the programmer of the SUID script or program to prevent the hacker from gaining root access. Here are some methods which hackers utilize and which programmers should prevent: Changing IFS If the program calls any other programs using the system() function call, the hacker may be able to fool it by changing IFS. IFS is the Internal Field Separator that the shell uses Read More
Share on: