Here's the problem:
We need to find a way to make our password file more secure. Years
ago (on Ultrix) we were able to shadow the file. However, periodic
attempts to find a way to do this on DU have all come up empty handed.
Does anyone know of a password shadowing program that will compile
easily on DU 4.0e? C2 is really not an option for us.
Why shadow? Because we want to stop people who have access to the
machine from being able to obtain a copy of the password file.
Here is background you're going to need:
1) We do NOT want to use C2 security because we don't have anyone on
staff who can serve as a security administrator. In other words, I
can handle routine stuff, but I'm not qualified to administer C2
...nor do I have the time to be.
2) There are only about 150-200 users (all employees...no students)
that are able to log directly into the server. The remaining users
have a false shell assigned to them.
3) We have been hacked before (when remote telnet was wide open).
However, since then we put up a firewall so we now require remote
telnet users to enter a firewall password before they can get through.
4) Our machine is used ONLY for E-mail and ListServ. Oh...and it
runs Netscape Admin. in order to serve a few secure web pages.
Hardware details:
1) Alpha 1000 running DU 4.0e, patched.
2) Sendmail 8.9.3
3) Qpopper 2.5.3
4) TCPwrappers...whatever shipped with 4.0e -- yes it is enabled.
Thanks for any help you can provide.
Debby Quayle
E-mail Admin.
Hamilton College
Received on Wed Mar 29 2000 - 15:51:42 NZST