Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ID Management Security guideline for Linux, AIX, SunOS and HP UX
Special Forums Cybersecurity ID Management Security guideline for Linux, AIX, SunOS and HP UX Post 303018583 by blinkingdan on Monday 11th of June 2018 04:22:52 AM
Old 06-11-2018
ID Management Security guideline for Linux, AIX, SunOS and HP UX
I'm searching for COMPREHENSIVE ID management security guideline to manage user administration in my current job. I couldn't find it online or the books that could help.

What I need to know:
  1. User security directories and how to use it.
  2. How user should be managed.
  3. How the standard user policies should be.
  4. How to manage and check sudo logs.
  5. All about root id management.
  6. and many more that I'm suppose to know for ID management Security in corporate companies.

Please help. I really need this badly to set a standard policies and monitoring for my new project for Linux, AIX, SunOS and HP UX servers. We have about 10 000 servers which I need to standardize.
Last edited by rbatte1; 06-11-2018 at 10:56 AM.. Reason: Converted from text numbered list to formatted numbered list with LIST=1 tags
 

4 More Discussions You Might Find Interesting

1. Solaris

Java / SunOS Security question

Hi, I have a question about the Java that comes with the Solaris 9/10 OS. All my boxes are servers, only ssh allowed, no x windows, hardened, firewaled, etc... Their purpose is Oracle DB's and Sun One Dir servers. None of which use the OS version of Java as far as know. Question IS, can... (1 Reply)
Discussion started by: BG_JrAdmin
1 Replies

2. UNIX for Advanced & Expert Users

awk variable regexp works in AIX but not in SunOS?

Using awk variables for regular expressions is working for me in AIX. It is failing for me in SunOS. I don't know why. Can someone explain and/or suggest a fix for the SunOS version? Here is a little test script. It runs fine in AIX: $ cat test.ksh #! /bin/ksh print "Executed on OS: $(... (6 Replies)
Discussion started by: charles_n_may
6 Replies

3. Solaris

Patch management (Solaris, AIX , Linux )

Hi Guys, I am doing L1 Level support for Solaris Platform. Eg. User Management, File system , Print management and Job monitoring. I recently completer my IBM Aix 7 Administration certification. Issue is that my manager is asking me do full time unix / linux patch management work for new... (5 Replies)
Discussion started by: Nats
5 Replies

4. What is on Your Mind?

Individual Risk Management (Personal IT Security) and Browser Cache Management

Original post from this thread on browser caching. To add to this, it is an effective security measure to clear absolutely all cached data (cookies, web content, ....) when closing the browser - i.e. in case of a shutdown. It takes a bit of work to re-login to all the sites but websites will not... (7 Replies)
Discussion started by: bakunin
7 Replies

LEARN ABOUT HPUX

nfssec

nfssec(5)							File Formats Manual							 nfssec(5)

NAME

       nfssec - overview of NFS security modes

DESCRIPTION

       The  mount_nfs(1M)  and	share_nfs(1M) commands each provide a way to specify the security mode to be used on an NFS filesystem through the
       option.	mode can be either or These security modes may also be added to the automount maps.  Note that mount_nfs(1M) and automount(1M)	do
       not support at this time.

       The  option  on	the share_nfs(1M) command line establishes the security mode of NFS servers.  If the NFS connection uses the NFS Version 3
       protocol, the NFS clients must query the server for the appropriate mode to use.  If the NFS connection uses the NFS  Version  2  protocol,
       then  the NFS client uses the default security mode, which is currently NFS clients may force the use of a specific security mode by speci-
       fying the option on the command line.  However, if the filesystem on the server is not shared with that security mode, the  client  may	be
       denied access.

       If  the	NFS client wants to authenticate the NFS server using a particular (stronger) security mode, the client wants to specify the secu-
       rity mode to be used, even if the connection uses the NFS Version 3 protocol.  This guarantees that an attacker masquerading as the  server
       does not compromise the client.

       The  NFS security modes are described below.  Of these, the modes use the Kerberos V5 protocol for authenticating and protecting the shared
       filesystems.  Before these can be used, the system must be configured to be part of a Kerberos realm.

       Use	 authentication.  The user's UNIX user-id and group-ids are passed in the clear on the network, unauthenticated by the NFS  server
		 .  This is the simplest security method and requires no additional administration.  It is the default used by HP-UX NFS Version 2
		 clients and HP-UX NFS servers.

       Use a Diffie-Hellman public key system
		 which is referred to as in the forthcoming Internet RFC).

       Use Kerberos V5 protocol to authenticate users before granting access
		 to the shared filesystem.

       Use Kerberos V5 authentication with integrity checking (checksums) to
		 verify that the data has not been tampered with.

       User Kerberos V5 authentication, integrity checksums, and privacy protection
		 (encryption) on the shared filesystem.  This provides the most secure filesystem sharing, as all traffic is encrypted.  It should
		 be  noted  that  performance  might  suffer on some systems when using depending on the computational intensity of the encryption
		 algorithm and the amount of data being transferred.

       Use null authentication
		 NFS clients using have no identity and are mapped to the anonymous user by NFS servers.  A client using  a  security  mode  other
		 than the one with which an HP-UX NFS server shares the filesystem has its security mode mapped to In this case, if the filesystem
		 is shared with users from the client are mapped to the anonymous user.

WARNINGS

       lists the NFS security services.  Do not edit this file.  It is not intended to be user-configurable.

FILES

       NFS security service configuration file

SEE ALSO

       automount(1M), mount_nfs(1M), share_nfs(1M), rpc_clnt_auth(3N), secure_rpc(3N), nfssec.conf(4).

																	 nfssec(5)
All times are GMT -4. The time now is 10:59 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy