Linux isn't as security inconsious as say, Windows NT, but it does have it's problems. Lots of them. And fortunately, there are ways to slow down the crackers, or make it not worth their while to break into your system. Here are some resources about security and below are some steps you can take to make sure that your box is more secure than it started out.
The first step is to make sure that every account on your system has a password, and that the password isn't something stupid like 'password' or 'admin' or whatever else you think would be an easily guessable password. (If it's in the dictionary, it's a bad password.) If you're worried about crackers, disable the guest account, too. For a system as small as one here at Wellesley is likely to be, you won't need it anyway.
The easiest way to make sure that every account has a valid password is to log in as root and then to:
After doing that, there are several things you can do to make yourself safer. I've listed them below in an order that I think makes sense, but you can feel free to ignore what I've written here and go your own way. (After all, that's what I'm doing with this independent study.)
Password Shadowing moves the passwords to the /etc/shadow file, which is
readable only by root, and isn't even writable by root.
In RedHat Linux 5.0 and greater, this is staggeringly simple to implement,
and it's a really good idea to implement it sooner rather than later.
What this does is remove the encrypted passwords from the passwd file and
put them someplace else. This is a good idea because the passwd file is
world readable - it has to be for things like finger and other programs
that talk about who's on your machine to run. But if your passwd file is
world readable, a cracker can snag it with relative ease and then take her
leisure breaking the passwords in the file without you ever realizing it's
This will check to make sure that you have the password shadowing RPM installed on Linux. If you didn't mess around with your config too much when you created your system, this should come up a yes. Otherwise, you'll have to install the RPM. (I'll figure out how to do that some other time.) If it comes up a yes, then go on to the next step...
SSH and Slogin
SSH provides encrypted transmissions between your server and the outside
world. Instructions and further motivation for installing it are
available within the Applications section, under SSH.
Password Shadowing moves the passwords to the /etc/shadow file, which is readable only by root, and isn't even writable by root.