topic security audit requirements for default users in Operating System - Linux https://community.hpe.com/t5/operating-system-linux/security-audit-requirements-for-default-users/m-p/4802805#M44550 <P>Dear Gurus,</P><P>I have Redhat AS 4 running on rx6600 machines. During the audit following questions were raised, would be delighted if someone could help me in answering those:</P><P>&nbsp;</P><P><FONT color="#244061" face="Cambria, serif"><SPAN class="Apple-style-span"><STRONG>Question # 1:</STRONG></SPAN></FONT></P><P class="MsoNormal"><SPAN>We observed that the Following Users are not attached to access control groups as appropriate:</SPAN></P><P class="MsoNormal"><STRONG><SPAN><SPAN>1.&nbsp;</SPAN></SPAN></STRONG><STRONG><SPAN>tty,mem,kmem,man,games,gopher,dip,ftttp,lock,nobody,dbus,flopy,vcsa,nscd,rpm,haldaemon,utmp,slocate,sshd,rpc,rpcuser,nfsnobody,mailnull,smmsp,pcap,xfs,ntp.</SPAN></STRONG></P><P class="MsoNormal"><SPAN>&nbsp;</SPAN></P><P class="MsoNormal"><SPAN>And Also the Following generic users accounts are member of powerful user groups:</SPAN></P><P class="MsoNormal"><SPAN>&nbsp;<STRONG><STRONG>2.b</STRONG><STRONG>in,daemon,adm,lp,sync,shutdown,halt,mail,news,uucp,operator,games,gopher,ftp,vcsa,nscd,rpm,haldaemon,netdump,sshd,rpc,rpcuser,nfsnobody,mailnull,gdm</STRONG></STRONG></SPAN></P><P class="MsoNormal">&nbsp;</P><P class="MsoNormal"><STRONG><SPAN>Question # 2:</SPAN></STRONG></P><P class="MsoNormal">&nbsp;</P><P class="MsoNormal"><SPAN class="Apple-style-span">As per the existing servers configuration of Hp Linux Operating systems Default Accounts,</SPAN></P><P class="MsoNormal"><SPAN>&nbsp;</SPAN></P><P class="MsoNormal"><SPAN>We observed that the Following Default Accounts On HP Linux are active and not disabled: </SPAN></P><P class="MsoNormal"><SPAN>&nbsp;<STRONG>1.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</STRONG><STRONG>uucp, bin, nobody, daemon, lp</STRONG></SPAN></P><P class="MsoNormal">&nbsp;</P><P class="MsoNormal"><SPAN>I will appreciate your advice to solve this issue, also the effects of disabling these accounts / services and what are the generally best practices to achive this.</SPAN></P><P class="MsoNormal">&nbsp;</P> Mon, 27 Jun 2011 06:51:34 GMT AQadir_1 2011-06-27T06:51:34Z security audit requirements for default users https://community.hpe.com/t5/operating-system-linux/security-audit-requirements-for-default-users/m-p/4802805#M44550 <P>Dear Gurus,</P><P>I have Redhat AS 4 running on rx6600 machines. During the audit following questions were raised, would be delighted if someone could help me in answering those:</P><P>&nbsp;</P><P><FONT color="#244061" face="Cambria, serif"><SPAN class="Apple-style-span"><STRONG>Question # 1:</STRONG></SPAN></FONT></P><P class="MsoNormal"><SPAN>We observed that the Following Users are not attached to access control groups as appropriate:</SPAN></P><P class="MsoNormal"><STRONG><SPAN><SPAN>1.&nbsp;</SPAN></SPAN></STRONG><STRONG><SPAN>tty,mem,kmem,man,games,gopher,dip,ftttp,lock,nobody,dbus,flopy,vcsa,nscd,rpm,haldaemon,utmp,slocate,sshd,rpc,rpcuser,nfsnobody,mailnull,smmsp,pcap,xfs,ntp.</SPAN></STRONG></P><P class="MsoNormal"><SPAN>&nbsp;</SPAN></P><P class="MsoNormal"><SPAN>And Also the Following generic users accounts are member of powerful user groups:</SPAN></P><P class="MsoNormal"><SPAN>&nbsp;<STRONG><STRONG>2.b</STRONG><STRONG>in,daemon,adm,lp,sync,shutdown,halt,mail,news,uucp,operator,games,gopher,ftp,vcsa,nscd,rpm,haldaemon,netdump,sshd,rpc,rpcuser,nfsnobody,mailnull,gdm</STRONG></STRONG></SPAN></P><P class="MsoNormal">&nbsp;</P><P class="MsoNormal"><STRONG><SPAN>Question # 2:</SPAN></STRONG></P><P class="MsoNormal">&nbsp;</P><P class="MsoNormal"><SPAN class="Apple-style-span">As per the existing servers configuration of Hp Linux Operating systems Default Accounts,</SPAN></P><P class="MsoNormal"><SPAN>&nbsp;</SPAN></P><P class="MsoNormal"><SPAN>We observed that the Following Default Accounts On HP Linux are active and not disabled: </SPAN></P><P class="MsoNormal"><SPAN>&nbsp;<STRONG>1.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</STRONG><STRONG>uucp, bin, nobody, daemon, lp</STRONG></SPAN></P><P class="MsoNormal">&nbsp;</P><P class="MsoNormal"><SPAN>I will appreciate your advice to solve this issue, also the effects of disabling these accounts / services and what are the generally best practices to achive this.</SPAN></P><P class="MsoNormal">&nbsp;</P> Mon, 27 Jun 2011 06:51:34 GMT https://community.hpe.com/t5/operating-system-linux/security-audit-requirements-for-default-users/m-p/4802805#M44550 AQadir_1 2011-06-27T06:51:34Z