Last meeting we talked about security and a few commands that could be used to help with this process.

We talked about using the awk command to show which accounts have been set to root level access and which accounts do not have passwords.

Command                                      Comments
awk -F: '($3 == "0") {print}' /etc/passwd    show accounts with root level access
awk -F: '($2 == "") {print}' /etc/shadow     show accounts without a password
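
The two awk checks above, extended into a small audit script as an added example (not part of the original meeting notes). It also lists passwd entries that have no shadow entry and runs against constructed sample files; the function names and the sample accounts are assumptions.

```shell
#!/bin/sh
# Added example: account audit over passwd/shadow-format files.
# Paths are arguments, so the checks can run against copies or samples.

# Accounts with UID 0 whose name is not "root" (extra superusers).
extra_uid0() {
    awk -F: '$3 == "0" && $1 != "root" {print $1}' "$1"
}

# Accounts whose password field (field 2) is empty. Works on both files:
# in shadow it means no password is set; in passwd it means the same,
# because the usual "x" placeholder that defers to shadow is absent.
empty_password() {
    awk -F: '$2 == "" {print $1}' "$1"
}

# Accounts listed in passwd (arg 1) that have no entry in shadow (arg 2).
missing_shadow() {
    awk -F: 'NR == FNR {seen[$1]; next} !($1 in seen) {print $1}' "$2" "$1"
}

# Constructed sample data (not taken from a real system).
SAMPLE=$(mktemp -d)
cat > "$SAMPLE/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
toor:x:0:0:constructed second superuser:/root:/bin/sh
alice:x:1000:1000::/home/alice:/bin/bash
guest::1001:1001::/home/guest:/bin/sh
EOF
cat > "$SAMPLE/shadow" <<'EOF'
root:$6$constructed$hash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
toor::19000:0:99999:7:::
alice:!:19000:0:99999:7:::
EOF

echo "extra UID 0 accounts:     $(extra_uid0 "$SAMPLE/passwd")"
echo "empty password (shadow):  $(empty_password "$SAMPLE/shadow")"
echo "empty password (passwd):  $(empty_password "$SAMPLE/passwd")"
echo "no shadow entry:          $(missing_shadow "$SAMPLE/passwd" "$SAMPLE/shadow")"
```

On a live system, run the functions as root against /etc/passwd and /etc/shadow instead of the sample files.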

We also talked about the tree command and a couple of different uses of the find command.

Command                                  Comments
tree -L 2                                generates a tree 2 levels deep
find / -user root -perm -4000 -print     Look for setuid and setgid files (especially setuid root
find / -group kmem -perm -2000 -print    files) everywhere on your system. Intruders often leave
                                         setuid copies of /bin/sh or /bin/time around to allow them
                                         root access at a later time. The UNIX find(1) program can
                                         be used to hunt for setuid and/or setgid files. For example,
                                         you can use the following commands to find setuid root files
                                         and setgid kmem files on the entire file system.
find {directory path} -mtime 0           finds files changed within the last 24 hours within the
                                         selected directory

We also took a look at a website that covered a number of areas of importance. It covered things like

as well as many more topics. The explanations and examples were simple to understand and may be a good starting point for someone wanting some basic information. It can be found at http://www.linuxhomenetworking.com/