Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: UNIX Security Question
Top Forums UNIX for Dummies Questions & Answers UNIX Security Question Post 54302 by RTM on Monday 9th of August 2004 04:57:12 PM
Old 08-09-2004
Yes - see this post about directory permissions.
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

PostFix security question

I have a Postfix mail server running on my eMac, and been looking at /var/log/mail.log. I am new to administrating a mail server. I notice some servers tried to relay messages to unkown recipients in my server, and my Postfix denied access. The "from" and "rcpt to" look very phony. I did a... (3 Replies)
Discussion started by: fundidor
3 Replies

2. UNIX for Dummies Questions & Answers

security question

I just wanted to know when dealing with key loggers, What would be a normal routine for searching them out. I really don't know what I am looking for other than odd process. Also packet sniffers. What are signs? (0 Replies)
Discussion started by: blanks
0 Replies

3. Cybersecurity

One Question about security

Hi there, Due to limited resource available in my network, I had to allow users comming from internet to telnet my SCO UNIXWARE box directly, like: telnet 23.1.1.2, anyone can access. I can't make it secure based on IP addresses or hostnames since IP address is dynamic. I have made all the... (9 Replies)
Discussion started by: tayyabq8
9 Replies

4. UNIX for Dummies Questions & Answers

Question: Unix Security

question deleted, because answered (2 Replies)
Discussion started by: kasa
2 Replies

5. UNIX for Dummies Questions & Answers

Security Question

In an effort to adapt to best security practices, it has been suggested that a number of scripts that are going to be distributed to multiple machines across an internal network use be modified to replace instances of rsh and rcp with openSSH ssh and scp. Since there are so many references to rsh... (1 Reply)
Discussion started by: jasondj
1 Replies

6. Cybersecurity

Security question.

This may seems simple but I am unaware of this. Is there anyway to fetch the date & time of a user ID created on AIX? (actually I need answer for HP-UX,Solaris & Linux as well. But AIX is what I am most interested in.) I use ls command but it does not show the creation date. It just shows the... (2 Replies)
Discussion started by: raj100
2 Replies

7. Cybersecurity

Question on a security package on linux

Hello everyone , I want to implement a new firewall, detection system on my network composed of some 200 computers as follows: The fire wall would be a linux box with router, L7 iptable and also snort as IDPS system. These are my questions: 1. Is there any security consideration regarding... (0 Replies)
Discussion started by: ahmedkamel
0 Replies

8. Cybersecurity

Web hosting security question

Hi, Recently my has been hacked. A .pl script has been uploaded in the root of the directory, which uploaded lot of unwanted files and changed their file permission to 777. I have no clue how did they upload that .pl file in my hosting. Website is in shared hosting. Could they access my web... (3 Replies)
Discussion started by: agriz
3 Replies

9. AIX

AIX IP security question

Recently the network auditor found a security hole at port 50000. The port 50000 is used by db2. When I enter command "netstat -Aan |grep 50000", it showed some established connections and are all db2 processes. I have asked the application team and they answered that the port 50000 connection... (2 Replies)
Discussion started by: skeyeung
2 Replies

LEARN ABOUT SUNOS

gsscred

gsscred(1M)						  System Administration Commands					       gsscred(1M)

NAME

       gsscred - add, remove and list gsscred table entries

SYNOPSIS

       gsscred [ -n user  [-o oid] [-u uid]] [-c comment] -m mech -a

       gsscred [ -n user  [-o oid]] [-u uid] [-m mech] -r

       gsscred [ -n user  [-o oid]] [-u uid] [-m mech] -l

DESCRIPTION

       The gsscred utility is used to create and maintain a mapping between a security principal name and a local UNIX uid. The format of the user
       name is assumed to be GSS_C_NT_USER_NAME. You can use the -o option to specify the object identifier of the name  type.	The  OID  must	be
       specified in dot-separated notation, for example: 1.2.3.45464.3.1

       The gsscred table is used on server machines to lookup the uid of incoming clients connected using RPCSEC_GSS.

       When  adding  users,  if  no user name is specified, an entry is created in the table for each user from the passwd table. If no comment is
       specified, the gsscred utility inserts a comment that specifies the user name as an ASCII string and  the  GSS-APIsecurity  mechanism  that
       applies to it. The security mechanism will be in string representation as defined in the /etc/gss/mech file.

       The parameters are interpreted the same way by the gsscred utility to delete users as they are to create users. At least one of the follow-
       ing options must be specified: -n, -u, or -m. If no security mechanism is specified, then all entries will be deleted for the user  identi-
       fied by either the uid or user name. If only the security mechanism is specified, then all user entries for that security mechanism will be
       deleted.

       Again, the parameters are interpreted the same way by the gsscred utility to search for users as they are to create users.  If  no  options
       are  specified,	then the entire table is returned. If the user name or uid is specified, then all entries for that user are returned. If a
       security mechanism is specified, then all user entries for that security mechanism are returned.

OPTIONS

       -a	       Add a table entry.

       -c comment      Insert comment about this table entry.

       -l	       Search table for entry.

       -m mech	       Specify the mechanism for which this name is to be translated.

       -n user	       Specify the optional principal name.

       -o oid	       Specify the OID indicating the name type of the user.

       -r		Remove the entry from the table.

       -u uid	       Specify the uid for the user if the user is not local.

EXAMPLES

       Example 1: Creating a gsscred Table for the Kerberos v5 Security Mechanism

       The following shows how to create a gsscred table for the kerberos v5 security mechanism. gsscred obtains user names  and  uid's  from  the
       passwd table to populate the table.

       example% gsscred -m kerberos_v5 -a

       Example 2: Adding an Entry for root/host1 for the Kerberos v5 Security Mechanism

       The following shows how to add an entry for root/host1 with a specified uid of 0 for the kerberos v5 security mechanism.

       example% gsscred -m kerberos_v5 -n root/host1 -u 0 -a

       Example 3: Listing All User Mappings for the Kerberos v5 Security Mechanism

       The following lists all user mappings for the kerberos v5 security mechanism.

       example% gsscred -m kerberos_v5 -l

       Example 4: Listing All Mappings for All Security Mechanism for a Specified User

       The following lists all mappings for all security mechanisms for the user bsimpson.

       example% gsscred -n bsimpson -l

EXIT STATUS

       The following exit values are returned:

       0	       Successful completion.

       >0	       An error occurred.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWgss			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       gssd(1m), See gsscred.conf(4), attributes(5)

NOTES

       Some  GSS mechanisms, such as kerberos_v5, provide their own authenticated-name-to-local-name (uid) mapping and thus do not usually have to
       be mapped using gsscred. See gsscred.conf(4) for more information.

SunOS 5.10							    11 Feb 2004 						       gsscred(1M)
All times are GMT -4. The time now is 03:52 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy