From: Frederic E. Hughes (hughesf@simcenter.hua.army.mil)
Date: Fri Jun 20 2003 - 16:57:58 EDT
We are required to verify that all email accounts on a system change
their passwords on a minimum of 180 days. We found several tha appeared
to have not been logged into in the last 180 days. using admintool the
accounts were still set at create password on first login. checking the
shadow file we found that these accounts had no password. we can
loginto the machine without a password. This is a serious violation of
our requirements for security on this network.
Does anyone know how this is happening and a cure for it?
-- _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:26:37 EDT