
	Home > Security Tips > Tech Tips > Part 4: Disable trusted host relationships and create a warning banner

Security Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

TECH TIPS

Part 4: Disable trusted host relationships and create a warning banner

Gary Smith
10.15.2002
Rating: --- (out of 5)

Digg This!

StumbleUpon

Del.icio.us

Disable Trusted Host Relationships
The use of .rhosts and /etc/host.equiv files permit users at remote machines to log in without providing a password.

With Solaris 2.6, editing the PAM configuration policy file, pam.conf, to force users to provide a password even when a trust relationship has been defined using .rhosts or /etc/hosts.equiv. To do this, comment out the following lines in /etc/pam.conf:

rloginauth sufficient /usr/lib/security/pam_rhosts_auth.so.1
rloginauth required /usr/lib/security/pam_unix.so.1
rshauth required /usr/lib/security/pam_rhosts_auth.so.1

Create a Warning Banner
Create the file /etc/issue with something similar to this as its contents:

This system is a restricted access system. All activity on this system is subject to monitoring. If information collected reveals possible criminal activity or activity that exceeds privileges, evidence of such activity may be provided to the relevant authorities for further action. By continuing past this point, you expressly consent to this monitoring.

This block of text will be displayed at the login prompt.

Click here for the rest of this 12-part tip.

Rate this Tip
To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member.

BROWSE BY TAG

Tech Tips, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Tech Tips
	Video: The foundation of an email security strategy
	The 5 A's of functional SAN security
	Effective storage security policies
	Smart options for safeguarding stored data
	Outfox SOX: How to make regulations work for you
	Roberta Bragg's 10 Windows hardening tips in 10 minutes
	Using free network intrusion detection and prevention tools to stop hacks
	Hacker techniques and exploits: Prevent system fingerprinting, probing
	How to stop hacker theft: Employee awareness, risk assessment policies
	Information Security Decisions Fall 2004: Speaker presentations

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Research Solutions for Network Security, Access Control and Security Threats

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy