IN THIS CHAPTER
Add user accounts and change user settings with useradd
Change user accounts with usermod
Delete users with userdel
Add, change, and manage passwords with passwd
Manage groups with groupadd, groupmod, and groupdel
See who's logged in with last, lastb, and who
Configure firewalls with iptables
Manage log files with logrotate and logwatch
Check out advanced security with SELinux, tripwire, and RPM
Securing your Linux system means first restricting access to the user accounts and services on that system. After that, security means checking that no one has gotten around the defenses you have set up.
Fedora, Red Hat Enterprise Linux, CentOS, and other systems based on those Linux distributions are designed to be secure by default. That means that there are no user accounts with blank passwords, that the firewall is restrictive by default, and that most network services (Web, FTP, and so on) are off by default (even if their software is installed).
Although many of the commands covered in this book can be used to check and improve the security of your Linux system, some basic Linux features are particularly geared toward security. For example, secure user accounts with good password protection, a solid firewall, and consistent logging (and log monitoring) are critical to having a secure Linux system. Commands related to those features, plus some advanced features, such as SELinux and tripwire, are covered in this chapter.