Australia's Leading Computer Emergency Response Team

UNIX and Linux Security Checklist v3.0 Notes - IRIX
Date: 13 February 2007
Original URL: http://www.auscert.org.au/render.html?cid=1937&it=5823

OS Specific footnotes - IRIX
OS Specific Footnotes - IRIX
General

Refer to part II of "IRIX Admin: Backup, Security and Accounting" available at http://techpubs.sgi.com/library/tpl/cgi-bin/download.cgi?coll=0650&db=bks&docnumber=007-2862-001

E.2.2 Special accounts

Review the state of passwords on accounts that are installed by default in IRIX. Depending on the IRIX version, several of these accounts may be installed with widely-known or empty passwords.

Some of the accounts that may be installed with empty passwords are:
guest
demos
EZsetup
OutOfBox
4Dgifts
nuucp
lp
root

Other accounts may be added with known passwords. Here is a partial list of accounts that may have easily guessed passwords.
lp
field
tutor
tour
4Dgifts

E.3.1.2 Shadow passwords

IRIX is able to support shadow passwords, but may not be using them by default. Use pwconv(1M) to convert to use the shadow password scheme.

H.1.1 Identify host firewall software

ipfilterd is the native host firewall system on IRIX. Detailed instructions as well as a sample configuration file are provided in the man page for ipfilterd(1M).

A flexible alternative is IP Filter (ipf) which also supports IRIX. Information on using IP Filter is available from the upstream site at http://coombs.anu.edu.au/~avalon/