LinuxSA Mailing list archives

  From: Phil Nitschke <phil@mrad.com.au>
  To  : mi-mi@sbs.itc.usm.my
  Date: Wed, 2 Jul 1997 00:22:28 +0930 (CST)

Re: Security

>>>>> "mimi" == "Ismail Ibrahim <mi-mi@sbs.itc.usm.my>" <mi-mi@sbs.itc.usm.my> writes:

  mimi> I am now about to connect my computer to the Internet via the
  mimi> university network. I am running RH4.1. I am a bit security
  mimi> conscious; are they any adjustments I should make to my
  mimi> machine before connecting it?

I found the default setup to be reasonably good.  If you want, try
playing with /etc/hosts.allow, etc.  See (man) hosts_access(5).

  mimi> 1. How do I set up my machine so that root can only log in via
  mimi> a particular VC?

See /etc/securetty (man securetty(5)).

  mimi> 2. According to the RH manual, I only need to issue 1 or 2
  mimi> commands to run shadow password. Is that it? It seems too
  mimi> simple to me.

I selected shadow passwords when doing the original installation, so I
can't speak with authority on how easy it is to change.  However one
problem that I can report is that after setting up X11 for the first
time on my new box, I could not log on any more (using xlogin), and
had to go back to using a console login only.  Eventually I tracked
the problem down to my xdm startup.  It needed to be changed to invoke
xdm-shadow instead of xdm.  Once I made this change, X11 (xlogin)
worked again for me.  (I consider this to be a bug in the installation
process.  Could be just a Debian thing, though!)


-- 
Phil