
security

 
Jason Tan
Advisor

security

I have some questions here:

If I don't want to convert to a trusted system,

1) How can I perform password cracking (to test password strength) on the fly when users change their password?

2) How do I search for a userid that has not been used for 3 months to disable it, and for 6 months to delete the account?
smtan
4 REPLIES
Khalid A. Al-Tayaran
Valued Contributor

Re: security



Hi,


1) How can I perform password cracking (to test password strength) on the fly when users change their password?

ans. I think there are crack utilities for /etc/passwd. Search for more info.

2) How do I search for a userid that has not been used for 3 months to disable it, and for 6 months to delete the account?

ans. Use the non_active_accounts script found in the scripts thread of this forum. Attached for fast access....


Good luck......
Michael Tully
Honored Contributor

Re: security

You will be a little limited if you choose using un-trusted.

For searching for user-ids that haven't been used for X months, you'll have to write a script that scans your password file and gives you a report based on your 'wtmp' file. This will involve using the 'last' command. Same goes for the deletion.

As far as password cracking, there are some commercial ones, but you can get 'crack' from here:

http://hpux.connect.org.uk/hppd/hpux/Sysadmin/crack-5.0/
Anyone for a Mutiny ?
Rajeev  Shukla
Honored Contributor

Re: security

Hi,
See, password cracking programs are made on a continuous basis, and many people write them in different ways. As far as security is concerned, since the passwords are no longer encrypted in the /etc/passwd file but instead in /tcb/files/auth, it is harder for crackers to trace a single file as the /etc/passwd file is.

Use /usr/lbin/getprpw on a userid; this will give you all details and even the last successful login, which means when he last logged in. Disabling after 3 months and expiring the login can be done in the password policy under users in sam.
Go to sam->users->options

Rajeev
Jose Mosquera
Honored Contributor

Re: security

Hi,

1) On a non-trusted system it is a hard task to do; pls try downloading http://hpux.connect.org.uk/hppd/hpux/Sysadmin/crack-5.0/

2) If you keep your /var/adm/wtmp with info you can use the "last" command to check the last successful login by user. So, you need to make a cron script that reads /etc/passwd and verifies for each user the unlogged time; for this, try this "last" command implementation:
last |tail -3|head -1
the following output will be generated:
pts/tkc Mon Aug 26 09:05 - 13:41(2+04:35)

If you select "Month" and "Day" fields the time calculation will be possible.

To disable accounts try changing the current valid shell definition to "/usr/bin/false". This file must have 555 permission. If it does not exist, just create it with the "exit" content.
Pls **be careful** with the /etc/passwd file treatment. To remove accounts, I recommend a similar procedure to calculate the last login date, but try to act through an email that reports these users to you, and then you will make a decision about them.

Rgds.
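
The check described in the reply above (read /etc/passwd, take each user's newest line from "last" output, compute the idle time from the Month and Day fields, and only report), as an added example that is not part of any post in this thread. The function name inactive_report, the 90/180-day stand-ins for 3 and 6 months, the MIN_UID default and the sample accounts are assumptions.

```shell
#!/bin/sh
# Added example, report only: nothing in /etc/passwd is modified.
# usage: inactive_report PASSWD_FILE LAST_OUTPUT "YYYY MM DD" [MIN_UID]
# Assumptions: 90/180 days stand in for 3/6 months; MIN_UID defaults to 100.
inactive_report() {
    awk -v lastf="$2" -v today="$3" -v minuid="${4:-100}" '
    function jdn(y, m, d,    a, yy, mm) {    # Julian day number of a date
        a = int((14 - m) / 12); yy = y + 4800 - a; mm = m + 12 * a - 3
        return d + int((153*mm + 2)/5) + 365*yy + int(yy/4) - int(yy/100) + int(yy/400) - 32045
    }
    BEGIN {
        n = split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", mn, " ")
        for (i = 1; i <= n; i++) mon[mn[i]] = i
        split(today, t, " "); now = jdn(t[1], t[2], t[3])
    }
    # `last` prints newest first, so only the first line per user counts.
    FILENAME == lastf {
        if (NF < 5 || $1 == "wtmp" || $1 == "reboot" || ($1 in age)) next
        for (i = 3; i < NF; i++) if ($i in mon) {
            # `last` shows no year: take the latest such date not after today.
            # Logins more than a year old therefore look newer than they are.
            j = jdn(t[1], mon[$i], $(i + 1))
            if (j > now) j = jdn(t[1] - 1, mon[$i], $(i + 1))
            age[$1] = now - j
            break
        }
        next
    }
    {   # passwd format: name:pw:uid:gid:gecos:home:shell
        split($0, p, ":")
        if (p[3] + 0 < minuid || p[7] == "/usr/bin/false") next
        if (!(p[1] in age))        print p[1], "NO_RECORD", "-"
        else if (age[p[1]] >= 180) print p[1], "DELETE_CANDIDATE", age[p[1]]
        else if (age[p[1]] >= 90)  print p[1], "DISABLE_CANDIDATE", age[p[1]]
    }' "$2" "$1"
}

# Constructed sample data, evaluated as of 2003-01-15.
tmp=$(mktemp -d)
printf '%s\n' 'alice:*:101:20::/home/alice:/usr/bin/sh' \
    'bob:*:102:20::/home/bob:/usr/bin/sh' 'dave:*:104:20::/home/dave:/usr/bin/sh' > "$tmp/passwd"
printf '%s\n' 'alice pts/ta Mon Jan 13 09:05 - 13:41 (04:35)' \
    'bob pts/tb Mon Aug 26 09:05 - 13:41 (04:35)' 'wtmp begins Mon Jun  3 08:00' > "$tmp/last"
inactive_report "$tmp/passwd" "$tmp/last" "2003 01 15"
rm -rf "$tmp"
```

NO_RECORD means only that the account does not appear in the wtmp data supplied, so a recently truncated wtmp makes every account look unused.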