[ Pobierz całość w formacie PDF ]
.Medium security This level provides adequate security control formost environments.ASET modifies some of thesettings of system files and parameters, restrictingsystem access to reduce the risks from securityattacks.ASET reports security weaknesses andany modifications it makes to restrict access.Atthis level, ASET does not affect system services.High security This level renders a highly secure system.ASETadjusts many system files and parameter settingsto minimum access permissions.Most systemapplications and commands continue to functionnormally, but at this level, security considerationstake precedence over other system behavior.Specifies the working directory for ASET.The default is /usr/aset.08 2496 Ch06 8/30/00 1:11 PM Page 176176 CHAPTER 6 SYSTEM SECURITYThe following example runs ASET at low security using the default working directory/usr/aset:# /usr/aset/aset -l low======= ASET Execution Log =======ASET running at security level lowMachine = holl300s; Current time = 0530_14:03aset: Using /usr/aset as working directoryExecuting task list.firewallenvsysconfusrgrptunecklisteepromAll tasks executed.Some background tasks may still be running.Run /usr/aset/util/taskstat to check their status:/usr/aset/util/taskstat [aset_dir]where aset_dir is ASET s operating directory,currently=/usr/aset.When the tasks complete, the reports can be found in:/usr/aset/reports/latest/*.rptYou can view them by:more /usr/aset/reports/latest/*.rpt#Common-Sense Security TechniquesA system administrator can have the best system security measures in place, but without theusers cooperation, system security will be compromised.The system administrator mustteach common-sense rules regarding system security, such as the following:Use proper passwords.Countless sites use passwords such as  admin or  supervisorfor their root accounts.Don t give your password out to anyone, no matter who he says he is.One of the bestsystem crackers of our time said that he would simply pose as a system support per-son, ask a user for his password, and get free reign to the system.If you walk away from the system, log out or lock the screen.Think of the damage ifsomeone walked up to your station and sent a scathing email to the president of yourcompany with your name attached!Don t connect modems to your system without approval from the systemadministrator.08 2496 Ch06 8/30/00 1:11 PM Page 177SUMMARY 177SummaryThis chapter discussed fundamental concepts in system security.Although system crackersseem to always find new ways to break into systems, the concepts described in this chapterprovide a strong defense against an attack.Chapter 7,  Setting Up User Accounts, will putthese concepts to practical use as you set up and manage user accounts.09 2496 Ch07 8/30/00 1:12 PM Page 178C H A P T E R7Setting Up UserAccountsThe following are the test objectives forthis chapter:Using Admintool to add, delete,and modify user accountsSetting up, customizing, andadministering initialization filesAdministering user homedirectoriesUnderstanding name services09 2496 Ch07 8/30/00 1:12 PM Page 179ccess to a system is allowed only through user login accounts set up bythe system administrator.A user account includes information that a userneeds to log in and use a system a user login name, a password, theAuser s home directory, and login initialization files.User accounts canrange from occasional guests needing read-only access to a few files, to regular users whoneed to share information between several departments.Table 7-1 lists the methods and tools available in Solaris for adding new user accounts tothe system.Table 7-1 Adding New User AccountsEnvironment Recommended Tool AvailabilityOn remote and/or local User and Group Available as a separate product.(Solsticesystems in a networked Manager AdminSuite is described in Chapter 20,name service (NIS, NIS+) (graphical user  Solstice AdminSuite. )interface) fromthe SolsticeAdminSuiteLocal system Admintool Provided with Solaris 7.(graphical userinterface)Command-line Terminal window Provided with Solaris 7.(CDE environment)or shell tool orcommand tool(OpenWindowsenvironment)One way to add user accounts is from the command line.Solaris supplies the user administrationcommands described in Table 7-2 for setting up user accounts.Table 7-2 Account Administration CommandsCommand Descriptionuseradd Adds a new user account.userdel Deletes a user account.usermod Modifies a user account.continues09 2496 Ch07 8/30/00 1:12 PM Page 180180 CHAPTER 7 SETTING UP USER ACCOUNTSTable 7-2 Account Administration Commands (continued)Command Descriptiongroupadd Adds a new group.groupmod Modifies a group (for example, changes the group ID or name).groupdel Deletes a group.As with many UNIX commands, the command-line method of adding user accounts is cum-bersome and confusing [ Pobierz całość w formacie PDF ]

zanotowane.pl

doc.pisz.pl

pdf.pisz.pl

funlifepok.htw.pl

• Menu

  • Index
  • Lem Stanislaw Solaris
  • Lem Stanislaw Solaris (2)
  • Martin George R.R Gra o tron
  • Salgari Emilio Gora swiatla
  • Saylor Steven Zagadka Katyliny
  • Nancy Kress Zebracy na koniach
  • Henryk Sienkiewicz panwolodyjowski
  • Michael Barrier Animated Man. A Life of Walt Disney (2007)
  • Denning Troy Gwiazda po gwiezdzie (SCAN dal
  • Jordan Robert Czarna Wieza (SCAN dal 930)
  • zanotowane.pl
  • doc.pisz.pl
  • pdf.pisz.pl
  • piecio.opx.pl