HostOnNet Blog

User Security

Looking for Linux Server Admin or WordPress Expert? We can help.

The first thing you should take stock of are the users with unlocked accounts. Users with unlocked accounts are allowed to login if assigned a valid shell, and should be kept to a minimum.

To get a list of unlocked users, execute the following:

# egrep –v ‘.*:*|:!’ /etc/shadow|awk -F: ‘{print $1}’

If you do not recognize any user returned by the above command, check to see if that user owns any files by executing:

# find / -path /proc -prune -o -user -ls

If the user does not own any files, or files that will not hinder the stability of your server, delete the user by executing:

# rmuser

Posted in Windows. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.