This is one of those messages that it's difficult to emphasize too much: Secure passwords and secure machines are the first line of defense against electronic break-ins. Follow the password rules outlined in Chapter 19, especially if you're the Root user. Having access to the Root account is the holy grail for an attacker. Protect that account and that password with everything you have. Enforce the password standards mercilessly on your users as well.
If you are the sysadmin on a company SUSE Linux server, be aware that changes in people's employment status can create problems for you. Former employees are often the source of attacks on servers. Have a policy in place for what happens to user accounts when someone leaves your company. That policy need not be draconian, but it should be fair to all concerned. Make sure everyone knows what it is, and enforce it consistently.
Was this article helpful?