Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Shadowed PW file under OSF/1
From: jim_bostwick () cargill com (jim_bostwick () cargill com)
Date: Tue, 11 Apr 95 10:50:10 -0500


on 10 Apr, Cenon B.C. Marana Jr. wrote: 

Checked yet found none.. maybe on newer versions.. actually am now on DEC 
OSF/1 ver 2.0.. any comments?

DEC OSF/1 has an optional (no fee, but you have to load it) C2 security kit. 
Turning that loose gets you shadow password files and other goodies. It
is subset OSFC2SECxxx, plus there's an associated admin tools subset. 
Be warned that it is a LOT easier to load C2 than to unload it if you don't
like it! Best to have a good dump of your current system to fall back on. This 
is all documented, and as always it's very good to RTFM before starting. 

Note that there will still be an /etc/passwd, but it won't be used. Which means
you *could* stuff some dummy userinfo in there...

IMHO, the motif account management tools are kind of grungy, though the 
audit reporter is useful. 
It works, and is able to generate incredibly detailed audits of system activity.
Also of using incredible amounts of disk if you turn all auditing options on ;-)

Hope this helps, 

-jim

Jim Bostwick
Cargill Inc. 



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]