Profile

Both modern Windows systems (e.g., Windows Server 2008 and 2008 R2) and Active Directory, like Linux and Solaris systems, allow you to configure password policies that determine how long and complex your users’ passwords must be, providing a first line of defense for your systems.

If shutting off telnet access and insisting that all system-to-system connections use ssh isn't enough to toughen your system's hide, here's another way to make your servers just a little more difficult to access -- run ssh on a non-standard port. Unless unwelcome users are pointing port scanners at the system to detect active ports, they are not likely to figure out why they're not able to log in. While there are, of course, many ways to prevent normal users from logging into a system, this is one which provides a way to reduce access to a system while changing almost nothing about its configuration.

User password security has improved a lot over the years. In Solaris, for example, users are generally required to have at least six characters in their passwords and they have to include a digit or a special character like a $ or an !. What might not be immediately obvious is that the rules that govern what kind of passwords your users are allowed to assign to themselves in Solaris 10 are actually highly tunable. Let's cd over to the /etc/default directory and take a look.

Ever need to clean up some sloppy text? You can squeeze out extra white space with some very simple Perl commands. Let's take a look at how this works.