- Linux Training
- Desktop Tutorials
- Server Tutorials
|Check for Unknown Accounts|
|Security - Server Security|
Check for Unknown User Accounts
One method a cracker will use is to create an account that has the UID of 0, which is the root account. Use this command to check for an additional account:
The output should look like this:
It is a good idea to keep track of all user accounts. You can list those accounts by using the command:
Every account should have a password, do not allow accounts on the system that by default do not have passwords.
Usually the only way that a program ends up on the system without a password is when a program is installed and by default there are not passwords. Even worse is to install a program that uses a poor default password like “admin” and then that fact is forgotten until too late. If a program is installed it is imperative to review the status of passwords for that program during the installation.
Copyright CyberMontana Inc. and BeginLinux.com
All rights reserved. Cannot be reproduced without written permission. Box 1262 Trout Creek, MT 59874