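#!/bin/bash
# Host hardening baseline, organised by checklist item ("serial N").
#
# Must run as root: every step edits files under /etc.
# Steps are re-runnable: a backup is taken once and never overwritten, and
# appended lines are only added when they are not already present.
# NOTE(review): /etc/pam.d/system-auth and the `service` command suggest a
# Red Hat-family host - confirm before using this elsewhere.

set -u

if [ "$(id -u)" -ne 0 ]; then
  printf '%s\n' "this script must be run as root" >&2
  exit 1
fi

# Same text is used for the console (motd) and SSH banners.
readonly BANNER_TEXT=" Authorized users only. All activity may be monitored and reported "

#######################################
# Copy FILE to FILE_bak unless that backup already exists, so a later step
# (or a second run) cannot replace the pristine copy with a modified one.
# Arguments: $1 - file to back up
#######################################
backup_once() {
  local src=$1
  local bak="${src}_bak"
  [ -e "$src" ] || return 0
  [ -e "$bak" ] || cp -p -- "$src" "$bak"
}

#######################################
# Append LINE to FILE only if FILE has no identical line yet.
# Arguments: $1 - line to add, $2 - target file
#######################################
append_once() {
  local line=$1
  local file=$2
  grep -qxF -- "$line" "$file" 2>/dev/null || printf '%s\n' "$line" >> "$file"
}

#serial 1
# Login banner shown after local/remote login.
printf '%s\n' "$BANNER_TEXT" > /etc/motd

#serial 3
# Default umask 022 -> 027 (no access for "other" on new files).
# Back up first so the _bak copy holds the unmodified profile.
backup_once /etc/profile
sed -i 's/umask 022/umask 027/g' /etc/profile

#serial 4
# Account lockout: 6 failed attempts, unlock after 120 seconds.
# The original sed had no -i, so the rule was printed to stdout and never
# written to the PAM file.
# NOTE(review): no_magic_root comes from the older pam_tally module; confirm
# pam_tally2 on the target accepts it. pam_tally2 normally also needs an
# "account required pam_tally2.so" line to reset the counter on success.
backup_once /etc/pam.d/system-auth
if ! grep -Eq '^[[:space:]]*auth[[:space:]].*pam_tally2\.so' /etc/pam.d/system-auth; then
  sed -i '/pam_env.so/a\auth required pam_tally2.so deny=6 onerr=fail no_magic_root unlock_time=120' /etc/pam.d/system-auth
fi

#serial 5
# Idle session timeout: TMOUT is in seconds (sh/bash), autologout in
# minutes (csh/tcsh).
backup_once /etc/profile
backup_once /etc/csh.cshrc
append_once "TMOUT=180" /etc/profile
append_once "export TMOUT" /etc/profile
append_once "set autologout=30" /etc/csh.cshrc

#serial 6
# Prepare the password-history store with root-only permissions.
# NOTE(review): nothing here adds a history rule (e.g. pam_unix remember=N)
# to system-auth, so opasswd is created but presumably not yet used - verify.
backup_once /etc/pam.d/system-auth
touch /etc/security/opasswd
chown root:root /etc/security/opasswd
chmod 600 /etc/security/opasswd

#serial 7
# Mark unused system accounts as locked ("*" -> "!!" in the password field).
# The pattern is anchored to the start of the line so it only touches the
# named account, not any other user whose name ends with the same letters.
for account in lp uucp nobody games rpm smmsp nfsnobody; do
  /bin/sed -i "s/^${account}:\*/${account}:!!/" /etc/shadow
done

#serial 8
# TCP wrappers rules.
# NOTE(review): hosts.allow is evaluated before hosts.deny, so an
# all:all allow entry makes the deny-all entry below ineffective. Replace
# the allow rule with the site's real service/client list; do not drop it
# without one, or wrapped services (possibly sshd) become unreachable.
append_once "all:all:ALLOW" /etc/hosts.allow
append_once "all:all:DENY" /etc/hosts.deny

#serial 12
# Pre-authentication SSH banner.
printf '%s\n' "$BANNER_TEXT" > /etc/sshbanner
chmod 644 /etc/sshbanner
# sshd honours the first Banner directive it reads; an earlier uncommented
# Banner line in sshd_config would override this appended one.
append_once "Banner /etc/sshbanner" /etc/ssh/sshd_config
# "start" is a no-op when sshd is already running, so the new Banner would
# not be loaded; restart picks up the edited configuration.
service sshd restart

#serial 13
# Password policy defaults: minimum length 5 -> 8, maximum age 99999 -> 90.
# Key and value may be separated by tabs in login.defs, so match any
# whitespace instead of a single space; only the stock values are replaced.
# In the replacement, \1 is the kept "KEY<whitespace>" prefix and the
# digits after it are the new value.
backup_once /etc/login.defs
sed -i 's/^\(PASS_MIN_LEN[[:space:]]\{1,\}\)5[[:space:]]*$/\18/' /etc/login.defs
sed -i 's/^\(PASS_MAX_DAYS[[:space:]]\{1,\}\)99999[[:space:]]*$/\190/' /etc/login.defs

#serial 14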