UNIX Security Audit Work Program

Subscriber Content
Screenshot of the first page of UNIX Security Work Program

This work program outlines steps for performing an audit of the security of systems running the UNIX operating system. It reviews general system administration issues, account groups, remote and root logins, passwords, super-users, and related services.

Sample work steps include: verify that only one user (normally “root”) has UID 0. If multiple users have UID 0, verify that each is a valid superuser account, and that “root” is disabled or restricted (except for emergency situations) and verify that a shadow password file is being used. If not, inform the auditee that encrypted passwords in a world-readable file can be “cracked” and review “system accounts” to ensure that they have been disabled.

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.