Posted by: Administrator
on February 17, 2004 10:35 PM
Thanks for the reply.
There are 4 main things in security that we have to meet.
1. Login Attempts : lock out people after X number of tries.
2. Logs of password changes, logins, I/O accesses, and invalid permission file accesses.. even just looking at a file. Specific files that have to be logged are passwd, shadow, etc..
3. Banners before logins to be bypassed with a click of some sort. The banners specify the security level of the system.
4. Forced change of passwords every 6 months.
PAM w/Snare was able to accomplish 1,2,4. The Banner was configuration items in X and the getty's.
PAM was good for many things. In the end, as you said, it was PART of the solution.
Learn about Linux
Download Linux
Get Linux help
Re:PAM modules
Posted by: Administrator on February 17, 2004 10:35 PMThere are 4 main things in security that we have to meet.
1. Login Attempts : lock out people after X number of tries.
2. Logs of password changes, logins, I/O accesses, and invalid permission file accesses.. even just looking at a file. Specific files that have to be logged are passwd, shadow, etc..
3. Banners before logins to be bypassed with a click of some sort. The banners specify the security level of the system.
4. Forced change of passwords every 6 months.
PAM w/Snare was able to accomplish 1,2,4. The Banner was configuration items in X and the getty's.
PAM was good for many things. In the end, as you said, it was PART of the solution.
#