Reference Guide

10 Crypto-C ME Cryptographic Toolkit
RSA BSAFE Crypto-C Micro Edition 4.1 Security Policy
Level 1
HP-UX
To configure single user mode for systems running an HP-UX operating system:
1. Log in as the root user.
2. Edit /etc/passwd and remove all the users except root and the pseudo-users. Make sure the password fields for the pseudo-users are a star (*). This prevents login as the pseudo-users.
3. Edit /etc/nsswitch.conf so files is the only option for passwd and group. This disables the Network Information Service (NIS) and other name services for users and groups.
4. Edit /etc/inetd.conf to remove or comment out the lines for remote login, remote command execution, and file transfer daemons such as telnetd, rlogind, remshd, rexecd, ftpd, and tftpd.
5. Reboot the system for the changes to take effect.
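
The following script is an added example, not part of the Security Policy or the RSA toolkit. It audits the three files edited in steps 2 to 4 without modifying them. The function names are hypothetical, the sample files are constructed, and it assumes the usual inetd.conf layout with the server program path in the sixth field.

```shell
#!/bin/sh
# Added example: read-only audit of the files edited in steps 2-4.
# Each check prints offending entries; no output means the step holds.

# Step 2: every account other than root must have "*" as its password field.
check_passwd() {
    awk -F: 'NF > 1 && $1 != "root" && $2 != "*" { print "passwd: " $1 }' "$1"
}

# Step 3: "files" must be the only source listed for passwd and group.
check_nsswitch() {
    awk '{ sub(/#.*/, ""); sub(/:/, ": ") }
         $1 == "passwd:" || $1 == "group:" {
             db = $1; sub(/:/, "", db)
             if (NF != 2 || $2 != "files") print "nsswitch: " db
         }' "$1"
}

# Step 4: no active line may start one of the listed daemons.
# Assumption: usual inetd.conf layout, server program path in field 6.
check_inetd() {
    awk '/^[ \t]*#/ || NF < 6 { next }
         { n = split($6, p, "/"); d = p[n] }
         d ~ /^(telnetd|rlogind|remshd|rexecd|ftpd|tftpd)$/ { print "inetd: " $1 " (" d ")" }' "$1"
}

# Run all checks on ROOT/etc; returns 1 and prints the findings if any.
audit_single_user() {
    findings=$(check_passwd "$1/etc/passwd"
               check_nsswitch "$1/etc/nsswitch.conf"
               check_inetd "$1/etc/inetd.conf")
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample tree (not real system files) that breaks steps 2, 3 and 4.
make_sample() {
    mkdir -p "$1/etc"
    printf '%s\n' 'root:CONSTRUCTED-HASH:0:3::/:/sbin/sh' 'daemon:*:1:5::/:/sbin/sh' \
        'alice:CONSTRUCTED-HASH:101:20::/home/alice:/usr/bin/sh' > "$1/etc/passwd"
    printf '%s\n' 'passwd: files nis' 'group: files' > "$1/etc/nsswitch.conf"
    printf '%s\n' '#ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l' \
        'telnet stream tcp nowait root /usr/lbin/telnetd telnetd' > "$1/etc/inetd.conf"
}

demo=$(mktemp -d) && make_sample "$demo"
audit_single_user "$demo" || echo "single user mode requirements not met"
rm -rf "$demo"
```

To audit a live system, call audit_single_user with an empty string as the root so that it reads /etc directly. A missing file shows up as an awk error on stderr rather than as a finding.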
IBM AIX
To configure single user mode for systems running an IBM AIX operating system:
1. Log in as the root user.
2. Edit /etc/passwd and remove all the users except root and the pseudo-users. Make sure the password fields for the pseudo-users are a star (*). This prevents login as the pseudo-users.
3. Remove all lines beginning with a plus sign (+) or minus sign (-) from /etc/passwd and /etc/group. This disables the Network Information Service (NIS) and other name services for users and groups.
4. Edit /etc/inetd.conf to remove or comment out the lines for remote login, remote command execution, and file transfer daemons such as telnetd, rlogind, remshd, rexecd, ftpd, and tftpd.
5. Reboot the system for the changes to take effect.
FreeBSD
To configure single user mode for systems running a FreeBSD operating system:
1. Log in as the root user.
2. Edit /etc/passwd and /etc/shadow to remove all the users except root and the pseudo-users (daemon users). Make sure the password fields in /etc/shadow for the pseudo-users are either a star (*) or double exclamation mark (!!). This prevents login as the pseudo-users.
3. Edit /etc/nsswitch.conf so files is the only option for passwd, group, and shadow. This disables the Network Information Service (NIS) and other name services for users and groups.
4. In the /etc/xinetd.d directory, edit rexec, rlogin, rsh, rsync, telnet, and wu-ftpd, setting the value of disable to yes.
5. Reboot the system for the changes to take effect.