SCO Security Configuration

SCO Security Configuration

Post by Eric Maiwal » Wed, 18 Aug 1999 04:00:00



Greetings,

I am trying to get information on the security configuration for
SCO OpenServer 5.0 systems.  Specifically, my questions are:

1 - Can you force a minimum password length, maximum password age
    and minimum password age?  If so, where do you set this?

2 - Is the default umask set in /etc/profile as in other unixes?

3 - How do you enable auditing of login/logouts, root functions,
    network connections, and failed file access?

Thanks for the help,  

Eric

--
---------------------------------------------------------------------

So Many Hobbies, So little time
---------------------------------------------------------------------

 
 
 

1. POP server configuration Security

Question is,...on an NT 3.51 running Netscapes Mail Server, a network manager
I work with is concerned that security will be compromised if we sign onto
another ISP account and retrieve our mail by configuring our e-mail clients
to query the POP server. He claims that hackers will steal our passwords from
packets logging onto the POP server. He seems to feel that a password
hijacker can sit and intercept theses packets, disassemble them, decrypt the
password, and this will allow them to access our system. I hold that our POP
and SMTP server is separate from all others, and even if this could happen,
the worst that could happen is very little for all of the effort, such as
someone reading someone elses mail.

Someone taught a class on security that this guy attended and it appears that
they have misled him into thinking paranoia. He basically does not want me,
the Webmaster, and the rest of the staff retrieving our mail unless we are
dialed into our own Network, I say there is no problem with accessing
remotely through my Internet provider.

BTW, Our DNS is on a Unix server, as he will not let me set it up on NT. He
knows neither NT nor Unix, but manages the Novell LAN. Our provider
originally set up the DNS on the Unix, and he is afraid to touch it. He is
also afraid the Unix box will be accessed by hackers if they decode the POP
server, although there is no integrated connection other than physical.

Any thoughts? E-mail me if possible.

Tom

2. aliasing in ksh vs. csh

3. Security Configurations

4. cvsup protocol 16.1

5. "On:" Security And Configuration

6. CD incremental Backup strategy

7. NIS+ security questions/configuration

8. xquake for Linux in 16-bit mode?

9. Virtualhost security configuration

10. A security configuration question

11. PCP/PSP UNIX network security and configuration monitor

12. AIX V3 security configuration question

13. Question: C2 Security Configuration for general Unix and Solaris/Trusted Solaris (Auditing)