Dangerous Accounts
Every account on your computer is a door to the outside, a portal through which both authorized and unauthorized users can enter. Some of the portals are well-defended, while others may not be. The system administrator should search for weak points and seal them up.
Accounts Without Passwords
Like the lock on or guard at the front door of a building, the password on each one of your computer’s accounts is your system’s first line of defense. An account without a password is a door without a lock. Anybody who finds that door—anybody who knows the name of the account—can enter.
Many so-called “computer crackers” succeed only because they are good at finding accounts without passwords or accounts that have passwords that are easy to guess.
On SVR4 versions of Unix, you can scan for accounts without passwords by using the logins command:
# logins -p
You can also scan for accounts without passwords by using the command:[273]
% cat /etc/passwd | awk -F: 'length($2)<1 {print $1}'
george
dan
%
In this example, george and dan don’t have passwords. Take a look at their entries in the /etc/passwd file:
% egrep 'dan|george' /etc/passwd
george::132:10:George Bush:/usr/wash/george:/bin/csh
dan::133:10:Dan Quayle:/u/backyard/dan:/bin/csh
%
These two users have probably long forgotten about their accounts on this system. Their accounts should be disabled.
Tip
The /etc/passwd file may not be the correct file to check for missing passwords on systems that have shadow password files ...
Get Practical UNIX and Internet Security, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.