Chapter

System Security Four common sense rules

Account Security
File Permissions
Data Encryption
 Chapter Objectives

• Recognize the four common sense rules of security

• Understand the account security

• Understand the file permission

• Understand the data encryption

Four common rules of security

• Don’t put files on your system that are likely to be interesting

to hackers or nosy employees.
• Don’t provide places for hackers to build nests on your system.
Hackers often break into one system and then use it as a base
of operations to get into other systems.
• Set basic traps on systems that are connected to the Internet.
Tools such as anti-viruses, anti-spywares and firewall.
• Monitor the reports generated by the security tools. A minor
problem that is ignored in one report may grow into a major
problem.
 Account Security
• Password security :-
 Many users choose poor passwords.
 Many other users don’t have passwords.
 Most resist changing their passwords.
• Root accounts :-
 It is easiest to track changes and security violations when very few people
who have root access.
• Guest accounts :-
 Create guest accounts for the time it s needed. Remove the account
when its purpose is completed. Do not use ‘guest’, instead use account
name such as ‘fixomini’, ‘oratmp’.
• User accounts :-
 User accounts should not be shared. Remove user accounts upon
termination.
 File Permissions
• Entities:-
1. Owner
2. Group
3. World
1. Owner :-
 Each file and directory (a special type of file) has an “owner.” This is the
user account that has primary power over the file, allowing it to do things
like change the file’s permissions.
2. Group:-
 Each file has a group account associated with it. This group, like the user
account that is the file’s owner, has its own set of access permissions to
the file.
3. World:-
 This last permission category covers “everyone else” — any accounts that
are not the owner or a member of the file’s group.
Data Encryption