I have asked to perform below activities please guide how to do perform below activities.

• Make sure the Guest account is disabled or deleted.-
• Disabled or deleted anonymous access. –
• Set stronger UserID policies—
• Set Key Sensitive UserID By Default enable in linux
• Combination of numbers, letters and special characters (*,!,#,$,etc.)
• Status of UserID
• Type
• User Name
• Set stronger password policies
• Set the minimum password length to at least 8 characters.
• Set Key sensitive
• Set a password not equal to UserID
• Combination of numbers, letters and special characters (*,!,#,$,etc.)
• Force reset password every 30 days
• Set a password history maintenance (using the "Remember passwords" option), recommended value: 12.
• Blocking user ID after three failed attempts (set Status of UserID to Blocked)
• Configure the Administrator account
• Rename the account to a no obvious name (e.g., not "admin," "root," etc.).

Thanks
CJ

In what? Linux in general? X? Ftp? Webserver? Mail? Mysql?

1) None by default
2) None by default
3) What is a "userid policy", typically a policy for userid involves "User IDs will be first character of firstname and first 7 chars of last name" or something similiar, are you confusing it with a password policy?
4) What is a "key sensitive userid"? Case sensitive? It is by default.
5) I assume this is related to password?
6) This isn't a question.
7) This isn't a question.
8) This isn't a question.
9) Depends on distribution, but... (pam vs nopam)
10) Depends on distribution, but... (pam vs nopam)
11) It is by default if you mean case sensitive.
12) Cracklib support
13) Cracklib support
14) Cracklib support
15) Cracklib support
16) Depends on distribution, but... (pam vs nopam) (Enjoy being locked out of your system a lot? Seriously. Block IPs, don't block ID unless this machine can ONLY be logged into via console.)
17) This isn't a question and is meaningless.
18) Change it in passwd, shadow, and group... but expect some things to break. Better way is disable root login and make another id that shares the uid.

A lot of these didn't have enough detail to answer or weren't questions.

Furthermore attempting to secure a linux system without the level of knowledge required to ask these questions correctly and already know the answers to most of them is a hopeless endeavor on any system let alone a *nix system. You can't secure something you have no understanding of.

Some one has homework by the sound of things.

How to do these tasks? Simplest way will be to approach each one in turn, see if any come under some sort of umbrella setting (you dont specify where these accounts are, what they are for, so can't really help) but most configuration files will explain how to set stuff like this quite simply within them.

Can't help without more infomation at the end of the day.

@cj_cheema: Where did you get this list? Several of the items are complete nonsense.

It looks like someone took a Windows checklist and "adapted" it (except not quite) for a Linux host.

1 members found this post helpful.