Use find as described in Chapter 22 to locate SUID files. Is the list larger than you expected? Are the entries on your list justifiably SUID programs?
Create an entry in /etc/sudoers that lets your user account run any command as root. Run some commands through sudo and watch the file /var/log/messages. What entries do you see? How would this be useful in a multiadministrator environment?
Look at the file /etc/shadow. What user accounts do not have passwords? Why don’t they?
Experiment with the chage command to set the password age for your account.
Run ulimit –a. What default limits are set? What would be some useful limits to place on users?
Run netstat --tcp –anp | grep LISTEN. What processes on your system are listening on TCP ports? If you were to harden this system, how would you change this configuration?
Run nmap localhost. Does this output match what you saw from the previous netstat command? Why or why not?
If you have xinetd installed, go to the /etc/xinetd.d directory and determine what services are enabled.
Run ssh-keygen –t dsa. What files were created in ~/.ssh? What are the permissions on those files?