Unix Technical Forum

AIX Security

#1 Sherman H. (01-04-2008, 07:57 PM)
AIX Security

I have a few AIX security related questions:

1. What would be the file that contains the list of network services?

2. Does the permission for /var/adm/utmp and /var/adm/utmpx have to be
equal to 644? Why?

3. What is a umask? Does the umask value have to be 27? Why?

4. In AIX, would it provide better security to access root only through the su
command?

5. Run awk -F: '{if ($2 == "") print $1}' /etc/passwd
Can the command be used to see users without a password?

6. Run awk -F: ' {if ($3 ==0) print $1}' /etc/passwd Can the command be
used to see whose UID is zero?

7. find . -type f -perm -o+w -print
Can the command be used to see permissions for a file or directory?

Would the above items be considered good security-related questions in AIX?

8. How similar are the commands between Solaris and AIX?

Thanks.



#2 Nicholas Dronen (01-04-2008, 07:57 PM)
Re: AIX Security

Sherman H. <shung@earthlink.net> wrote:
SH> I have a few AIX security related questions:

SH> 1. What would be the file that contains the list of network services?
SH> 2. Does the permission for /var/adm/utmp and /var/adm/utmpx have to be
SH> equal to 644? Why?
SH> 3. What is a umask? Does the umask value have to be 27? Why?
SH> 4. In AIX, would it provide better security to access root only through the su
SH> command?
SH> 5. Run awk -F: '{if ($2 == "") print $1}' /etc/passwd
SH> Can the command be used to see users without a password?
SH> 6. Run awk -F: ' {if ($3 ==0) print $1}' /etc/passwd Can the command be
SH> used to see whose UID is zero?
SH> 7. find . -type f -perm -o+w -print
SH> Can the command be used to see permissions for a file or directory?
SH> Would the above items be considered good security-related questions in AIX?
SH> 8. How similar are the commands between Solaris and AIX?

Sherman,

Is this homework?

Regards,

Nicholas

--
"Why shouldn't I top-post?" http://www.aglami.com/tpfaq.html
"Meanings are another story." http://www.ifas.org/wa/glossolalia.html
#3 Ulrich--nO--(dot)-sPAM--Link (01-04-2008, 07:58 PM)
Re: AIX Security


> SH> 1. What would be the file that contains the list of network services?
> SH> 2. Does the permission for /var/adm/utmp and /var/adm/utmpx have to be
> SH> equal to 644? Why?
> SH> 3. What is a umask? Does the umask value have to be 27? Why?
> SH> 4. In AIX, would it provide better security to access root only through the su
> SH> command?
> SH> 5. Run awk -F: '{if ($2 == "") print $1}' /etc/passwd
> SH> Can the command be used to see users without a password?
> SH> 6. Run awk -F: ' {if ($3 ==0) print $1}' /etc/passwd Can the command be
> SH> used to see whose UID is zero?
> SH> 7. find . -type f -perm -o+w -print
> SH> Can the command be used to see permissions for a file or directory?
> SH> Would the above items be considered good security-related questions in AIX?
> SH> 8. How similar are the commands between Solaris and AIX?
>
> Sherman,
>
> Is this homework?
>


You can easily find most of the answers with
man passwd, man find, man awk and perhaps man login.
If you don't have access to an AIX box, the answers of
Linux/FreeBSD/OSF1/Solaris/HPUX or whatever *NIX you can get your hands
on will explain the basics of the login process, awk and find.

Your questions are not really AIX related.

But to give you a few hints:
When you check for accounts with no passwd set, check also that those
accounts are locked.
The passwords are not stored in /etc/passwd. The file with the passwords
is usually only readable by root. If you find a *NIX system with the
encrypted/hashed passwds in /etc/passwd, you've found a relic of the
*NIX stone age when real programmers debugged their programs by holding
paper strips against the light.

The question about forcing "su" instead of a direct login is a question
of network security and accounting.
"su" is usually logged, so you can see which user su-ed to root, but
root can purge this log.



Good Luck with *NIX!

---
Uli
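
The hints above (check that empty-password accounts are locked, and look in the root-only password file rather than /etc/passwd) can be combined into one audit. This is an added example, not code from any poster in this thread: it assumes the AIX stanza layout of /etc/security/passwd (`password = ...`) and /etc/security/user (`account_locked = ...`), the function names are hypothetical, and the sample data is constructed.

```shell
#!/bin/sh
# Added example. Prints "user:locked" or "user:UNLOCKED" for empty-password accounts.
# Usage: audit_empty_passwords PASSWD SEC_PASSWD SEC_USER   (AIX layouts assumed)
audit_empty_passwords() {
    awk -v secpw="$2" -v secuser="$3" '
    function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
    # Load a stanza file ("name:" then "attr = value" lines) into tbl[name, attr].
    function load(file, tbl,    line, user, n) {
        while ((getline line < file) > 0) {
            if (line ~ /^[ \t]*$/ || line ~ /^[ \t]*\*/) continue   # blank or "*" comment
            if (line ~ /^[^ \t=]+:[ \t]*$/) {                       # stanza header
                user = line; sub(/:[ \t]*$/, "", user); continue
            }
            n = index(line, "="); if (n == 0 || user == "") continue
            tbl[user, trim(substr(line, 1, n - 1))] = trim(substr(line, n + 1))
        }
        close(file)
    }
    BEGIN { FS = ":"; load(secpw, pw); load(secuser, usr) }
    NF > 1 {
        # Empty field 2, or "!" (password kept in the security file) with an empty value.
        empty = ($2 == "") || ($2 == "!" && (($1, "password") in pw) && pw[$1, "password"] == "")
        if (!empty) next
        # Per-user setting wins; otherwise fall back to the "default" stanza.
        locked = (($1, "account_locked") in usr) ? usr[$1, "account_locked"] : usr["default", "account_locked"]
        print $1 ":" ((locked ~ /^(true|yes|always)$/) ? "locked" : "UNLOCKED")
    }' "$1"
}

# Constructed sample data (not from a real system); the hash is a placeholder.
demo_audit() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'root:!:0:0::/:/usr/bin/ksh' 'guest::100:100::/home/guest:/usr/bin/ksh' \
        'alice:!:201:1::/home/alice:/usr/bin/ksh' 'bob:!:202:1::/home/bob:/usr/bin/ksh' \
        'carol:*:203:1::/home/carol:/usr/bin/ksh' > "$d/passwd"
    printf '%s\n' 'root:' '        password = PLACEHOLDERHASH' 'alice:' '        password =' \
        'bob:' '        password =' '        lastupdate = 1199476620' > "$d/sec_passwd"
    printf '%s\n' '* constructed sample' 'default:' '        account_locked = false' \
        'guest:' '        account_locked = true' 'bob:' '        account_locked = true' > "$d/sec_user"
    audit_empty_passwords "$d/passwd" "$d/sec_passwd" "$d/sec_user"
    rm -rf "$d"
}
demo_audit
```

On a live system the two security files are readable only by root, so the audit has to run as root; any line ending in UNLOCKED is the case worth fixing.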
