Locking Down Security
IN THIS CHAPTER
Adding user accounts and changing user settings with useradd
Changing user accounts with usermod
Deleting users with userdel
Adding, changing, and managing passwords with passwd
Managing groups with groupadd, groupmod, and groupdel
Seeing who's logged in with last, lastb, and who
Configuring firewalls with iptables
Checking out advanced security with SELinux, tripwire, and APT
Securing your Linux system means first restricting access to the user accounts and services on that system. After that, security means checking that no one has gotten around the defenses you have set up.
Ubuntu, Debian, and other systems based on those Linux distributions are designed to be secure by default. That means that there are no user accounts with blank passwords, and that most network services (web, FTP, and so on) are off by default (even if their software is installed).
Although many of the commands covered in this book can be used to check and improve the security of your Linux system, some basic Linux features are particularly geared toward security. For example, secure user accounts with good password protection, a solid firewall, and consistent logging (and log monitoring) are critical to having a secure Linux system. Commands related to those features, plus some advanced features, such as SELinux and tripwire, are covered in this chapter.
Working with Users and Groups
During most Linux installation procedures, you are asked to assign a password to ...