Differences between trusted and non-trusted systems?

1. A trusted system allows system auditing to be turned on.  Non-trusted systems run with system auditing      

2.Trusted systems have improved password management.

Some features:
a.grace period and expiration period for passwords.
b.specify system-wide password aging
c.specify an absolute account life
d.disable accounts after repeated login failures.
d.Passwords lengths of up to forty (40) characters
e.access a random password generator

3.Trusted systems have additional login restrictions, while non-trusted systems do not.

4. A trusted system has shadowed passwords, while a non-trusted system does not have shadowed  
 passwords. Shadowed passwords are kept in locations other than /etc/passwd. This prevents
 users from viewing the /etc/passwd file and determining which accounts do not have passwords. 

This also prevents hackers from running "password cracker programs" against passwords in the
/etc/passwd file.

Post a Comment