1. Home
  2. Linux systems
  3. Linux security

Recipe 9.3 Finding Accounts with No Password

9.3.1 Problem

You want to detect local login accounts that can be accessed without a password.

9.3.2 Solution

# awk -F: '$2 == "" { print $1, "has no password!" }' /etc/shadow

9.3.3 Discussion

The worst kind of password is no password at all, so you want to make sure every account has one. Any good password-cracking program can be employed here?they often try to find completely unprotected accounts first?but you can also look for missing passwords directly.

Encrypted passwords are stored in the second field of each entry in the shadow password database, just after the username. Fields are separated by colons.

Note that the shadow password file is readable only by superusers.

9.3.4 See Also

shadow(5).



    		Preface
    		Chapter 1. System Snapshots with Tripwire
    		Chapter 2. Firewalls with iptables and ipchains
    		Chapter 3. Network Access Control
    		Chapter 4. Authentication Techniques and Infrastructures
    		Chapter 5. Authorization Controls
    		Chapter 6. Protecting Outgoing Network Connections
    		Chapter 7. Protecting Files
    		Chapter 8. Protecting Email
    		Chapter 9. Testing and Monitoring
    		Recipe 9.1 Testing Login Passwords (John the Ripper)
    		Recipe 9.2 Testing Login Passwords (CrackLib)
    		Recipe 9.3 Finding Accounts with No Password
    		Recipe 9.4 Finding Superuser Accounts
    		Recipe 9.5 Checking for Suspicious Account Use
    		Recipe 9.6 Checking for Suspicious Account Use, Multiple Systems
    		Recipe 9.7 Testing Your Search Path
    		Recipe 9.8 Searching Filesystems Effectively
    		Recipe 9.9 Finding setuid (or setgid) Programs
    		Recipe 9.10 Securing Device Special Files
    		Recipe 9.11 Finding Writable Files
    		Recipe 9.12 Looking for Rootkits
    		Recipe 9.13 Testing for Open Ports
    		Recipe 9.14 Examining Local Network Activities
    		Recipe 9.15 Tracing Processes
    		Recipe 9.16 Observing Network Traffic
    		Recipe 9.17 Observing Network Traffic (GUI)
    		Recipe 9.18 Searching for Strings in Network Traffic
    		Recipe 9.19 Detecting Insecure Network Protocols
    		Recipe 9.20 Getting Started with Snort
    		Recipe 9.21 Packet Sniffing with Snort
    		Recipe 9.22 Detecting Intrusions with Snort
    		Recipe 9.23 Decoding Snort Alert Messages
    		Recipe 9.24 Logging with Snort
    		Recipe 9.25 Partitioning Snort Logs Into Separate Files
    		Recipe 9.26 Upgrading and Tuning Snort's Ruleset
    		Recipe 9.27 Directing System Messages to Log Files (syslog)
    		Recipe 9.28 Testing a syslog Configuration
    		Recipe 9.29 Logging Remotely
    		Recipe 9.30 Rotating Log Files
    		Recipe 9.31 Sending Messages to the System Logger
    		Recipe 9.32 Writing Log Entries via Shell Scripts
    		Recipe 9.33 Writing Log Entries via Perl
    		Recipe 9.34 Writing Log Entries via C
    		Recipe 9.35 Combining Log Files
    		Recipe 9.36 Summarizing Your Logs with logwatch
    		Recipe 9.37 Defining a logwatch Filter
    		Recipe 9.38 Monitoring All Executed Commands
    		Recipe 9.39 Displaying All Executed Commands
    		Recipe 9.40 Parsing the Process Accounting Log
    		Recipe 9.41 Recovering from a Hack
    		Recipe 9.42 Filing an Incident Report
    		Colophon