Wednesday, 20 August 2014

Remember to include a disclaimer in your herald

Many people forget to change the default "Welcome to AIX" login message, and message of the day and leave themseleves open to attackers claiming that they did not know this was a private system.

You should always change both the "/etc/security/login.cfg" and "/etc/motd" files because one is displayed before you login, and the other after you login.

# chsec -f /etc/security/login.cfg -s default -a herald="This is a private system\n\rLogin: "

If you are using Secure Shell:

1. create a login banner file.

# vi /etc/ssh/sshd-banner

2. Edit the sshd_config file.

# vi /etc/sshd/sshd_config

3. Add/edit the following line:

Banner /etc/ssh/sshd-banner
4. Restart the SSH daemon

# stopsrc -s sshd ; startsrc –s sshd

No comments:

Post a Comment