1. A trusted system allows system auditing to be turned on. Non-trusted systems run with system auditing
disabled.
2.Trusted systems have improved password management.
Some features:
a.grace period and expiration period for passwords.
b.specify system-wide password aging
c.specify an absolute account life
d.disable accounts after repeated login failures.
d.Passwords lengths of up to forty (40) characters
e.access a random password generator
3.Trusted systems have additional login restrictions, while non-trusted systems do not.
4. A trusted system has shadowed passwords, while a non-trusted system does not have shadowed
passwords. Shadowed passwords are kept in locations other than /etc/passwd. This prevents
users from viewing the /etc/passwd file and determining which accounts do not have passwords.
This also prevents hackers from running "password cracker programs" against passwords in the
/etc/passwd file.
No comments:
Post a Comment