There are numerous versions of UNIX and all have different default settings. Most systems are installed with only basic security and it is up to the system administrator to plug any holes. Also, there are several levels of security and which one is best will vary from environment to environment. Below are some general guidelines that are applicable in almost all environments. These tips are helpful even if your system is not connected to the Internet - the vast majority of computer break-ins originate from an internal source.
Rename the Administrator account
In order to compromise your system, a hacker needs two pieces of information - a username and the matching password. When your system is installed, an account named "root" is created which has all administrative privileges on the system. Because of this, a hacker already has half of the information he needs to break into your system. If you rename the account to something different, you add an extra level of obscurity and it is more difficult to break into your system.
Disable any unnecessary accounts
When your system is installed, it generally creates several additional user accounts. These accounts, and their permissions, vary from vendor to vendor so it is best to familiarize yourself with them. The unnecessary ones should be disabled or deleted as appropriate.
Install the latest patches and fixes
Any time a vendor is notified of a security weakness in their system, they create a patch for it. It is important that you make yourself aware of any such patches and install them as they become available. Your vendor's web site is probably the best source for this information. Also, you may be able to join an email list to receive notifications automatically.
Enforce physical security
At a minimum, your systems should be treated as any valuable item and be kept in a safe location. In a highly relaxed environment, this means at least keeping your systems out of the way of the general public. In most cases, it is best to keep your systems in a locked server room, where only specifically authorized users have access to them.
Always remember to log out or lock the workstation
When you leave the system you are working on, you should be sure to either log out of the system, or lock it. If you do not do this, any person passing by will have full access to the system using your account. It is also a good idea to use a password-protected screensaver on your system in case you forget to log out or lock the system.
Implement a password policy
Accounts in all but the most relaxed environment should always have a password. But simply having a password is not always enough - it is important to use strong passwords. For example, if you work for Acme Manufacturing, "acme" would be a very poor password choice. It is also a bad idea to write down your passwords.
It is also a very good idea to install shadow passwords, or some other password enhancement, if your system does not use them automatically. Because the password file on a UNIX system must be readable by everyone, it can easily be copied and the password hashes in it cracked offline on another system. Shadow passwords remove the password hashes from the password file and store them in a separate, secure file.
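The account and password checks described above can be scripted. The following is an added example, not part of the original article: a shell function that scans a passwd-format file for accounts with an empty password field, password hashes still stored in the world-readable file rather than a shadow file, and every account with UID 0. The function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a passwd(5)-format file.
# Field layout: name:password:UID:GID:GECOS:home:shell

audit_passwd() {
    # $1 = passwd-format file to check; "-" reads standard input.
    awk -F: '
        /^[ \t]*(#|$)/ { next }                      # skip comments and blank lines
        NF < 7 { print "MALFORMED line " NR; next }  # not a full 7-field entry
        {
            if ($2 == "")
                print "EMPTY_PASSWORD " $1           # account usable with no password
            else if ($2 != "x" && $2 != "*" && $2 !~ /^!/)
                print "UNSHADOWED_HASH " $1          # hash readable by every user
            # "x" = hash kept in the shadow file; "*" or leading "!" = locked.
            # UID 0 carries administrative privileges whatever the account is named.
            if ($3 ~ /^0+$/)
                print "UID0 " $1
        }
    ' "${1:-/etc/passwd}"
}

# Constructed sample data (not taken from any real system).
sample_passwd() {
    cat <<'EOF'
# constructed sample entries
root:x:0:0:root:/root:/bin/sh
toor:x:0:0:constructed second UID 0 account:/root:/bin/sh
guest::1001:1001:guest:/home/guest:/bin/sh
olduser:ab01FAX.bQRSU:1002:1002:constructed DES-style hash:/home/olduser:/bin/sh
daemon:*:1:1:daemon:/:/sbin/nologin
alice:x:1003:1003:Alice:/home/alice:/bin/sh
EOF
}

# Run against the sample; on a real system call: audit_passwd /etc/passwd
sample_passwd | audit_passwd -
```

Any EMPTY_PASSWORD or UNSHADOWED_HASH line is an account to fix, and each UID0 line other than the one administrative account you expect should be investigated.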
What else can you do?
While we have outlined a few basic security guidelines, it is best to perform a complete security audit on your systems. Because an audit must be specifically tailored to your environment, we could never outline it here. NetInterface Consulting's staff is fully trained in many versions of UNIX and in computer security and can discuss this with you further. Contact us to arrange a free consultation and a complete security audit of your systems.