06-08-2011
The tftp user should normally be locked out. It was sometimes used to back up old Cisco router configs but has no place in modern usage. A tftp user is a big security risk.
This User Gave Thanks to methyl For This Post:
10 More Discussions You Might Find Interesting
1. Post Here to Contact Site Administrators and Moderators
hi
how to disable the useraccount in aix (should not remove). (1 Reply)
Discussion started by: chomca
1 Replies
2. Shell Programming and Scripting
Hi Experts,
We 4 to 5 people are using same UNIX(Solaris) login for our testing purpose. Also we are doing some modifications to existing scripts.
Is it possible to know the each user machine (IP address or machine name) who are using the same login to modify the scripts. So that we can... (12 Replies)
Discussion started by: ganapati
12 Replies
3. HP-UX
example
root::0:3::/:/sbin/sh
daemon:*:1:5::/:/sbin/sh
bin:*:2:2::/usr/bin:/sbin/sh
sys:*:3:3::/:
adm:*:4:4::/var/adm:/sbin/sh
uucp:*:5:3::/var/spool/uucppublic:/usr/lbin/uucp/uucico
lp:*:9:7::/var/spool/lp:/sbin/sh
nuucp:*:11:11::/var/spool/uucppublic:/usr/lbin/uucp/uucico... (1 Reply)
Discussion started by: alert0919
1 Replies
4. UNIX for Dummies Questions & Answers
Thanks
AVKlinux (3 Replies)
Discussion started by: avklinux
3 Replies
5. Shell Programming and Scripting
Hi All,
I wanted to know if there is any way , in which a user could be identified. I need to diffrenciate between a root user and a root like user.
Thanks!
nua7 (4 Replies)
Discussion started by: nua7
4 Replies
6. AIX
SOS Guys...
Is there any way to determine the user attributes, mainly if that userid is set as never expire?
I do not have admin rights, and I'm working on AIX 5.3
I've tried :
lsuser -f <username>
but no luck on that (2 Replies)
Discussion started by: freakygs
2 Replies
7. Linux
Hi,
i have the following config in the system-auth files
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
account required ... (2 Replies)
Discussion started by: yprudent
2 Replies
8. HP-UX
I need to check actual date a user was disabled on my HP-UX server.
Audit is claiming the user account was active during the last audit exercise. (7 Replies)
Discussion started by: cyriac_N
7 Replies
9. UNIX for Beginners Questions & Answers
Hi Team
I have created some time back a user called "iuser"
but I am not able to login with it. I am getting below error.
# su - iuser
su: user iuser does not exist
tried to unlock the user still get same error
# pam_tally2 -u iuser -r
pam_tally2: pam_get_uid; no such user iuser... (7 Replies)
Discussion started by: scriptor
7 Replies
10. UNIX for Beginners Questions & Answers
Hello and thanks in advance for anyone that can offer me any help with this!
I'm trying to figure out a quick & easy way to see a list of everyone's effective user id... I would have thought 'w' or 'who' would be able to display if someone had switched user accounts... but it's only showing the... (3 Replies)
Discussion started by: bodisha
3 Replies
LEARN ABOUT OSF1
secconfig
secconfig(8) System Manager's Manual secconfig(8)
NAME
secconfig, secsetup - Security features setup graphical interface (Enhanced Security)
SYNOPSIS
/usr/sbin/sysman secconfig
NOTE: The secsetup utility has been replaced by the secconfig graphical interface.
DESCRIPTION
The utility is a graphical interface used to select the level of system security needed. It can convert from Base to enhanced security
mode, and configure base and enhanced security features. If you are using secconfig to enable Enhanced security, you must first have
loaded the enhanced security subsets.
You can run while the system is in multiuser mode. However, if you change the security level, the change is not completed until you reboot
the system.
For both base and enhanced security, the secconfig utility allows you to enable segment sharing, to enable access control lists (ACLs), and
to restrict the setting of the execute bit to root only.
For enhanced security, the secconfig utility additionally allows you to configure security support from simple shadow passwords all the way
to a strict C2 level of security. Shadow password support is an easy method for system administrators, who do not wish to use all of the
extended security features, to move each user's password out of /etc/passwd and into the extended user profile database (auth.db. You can
use the Custom mode if you wish to select additional security features, such as breakin detection and evasion, automatic database trimming,
and password controls.
When converting from base to enhanced security, secconfig updates the system default database (/etc/auth/system/default) and uses the con-
vuser utility to migrate user accounts.
While it is possible to convert user accounts from enhanced back to base, the default encryption algorithms and supported password lengths
differ between base and enhanced security, and thus user account conversions do not succeed without a password change.
NOTE: Because of the page table sharing mechanism used for shared libraries, the normal file system permissions are not adequate to protect
against unauthorized reading. The secconfig interface allows you to disable segment sharing. The change in segment sharing takes effect
at the next reboot.
FILES
RELATED INFORMATION
acl(4), authcap(4), default(4), convuser(8),
Security delim off
secconfig(8)