"Crack" and "John the Ripper"

If for some reason your passwd program is not enforcing hard-to-guess passwords,
you might want to run a password-cracking program and make sure your users’
passwords are secure.
Password cracking programs work on a simple idea: they try every word in the dictionary,
and then variations on those words, encrypting each one and checking it
against your encrypted password. If they get a match they know what your password
is.

There are a number of programs out there...the two most notable of which are "Crack"
and "John the Ripper" (http://www.openwall.com/john/) . They will take up a lot of
your CPU time, but you should be able to tell if an attacker could get in using them by
running them first yourself and notifying users with weak passwords. Note that an
attacker would have to use some other hole first in order to read your /etc/passwd
file, but such holes are more common than you might think.
Because security is only as strong as the most insecure host, it is worth mentioning
that if you have any Windows machines on your network, you should check
out L0phtCrack, a Crack implementation for Windows. It’s available from
http://www.l0pht.com
CFS - Cryptographic File System and TCFS - Transparent
Cryptographic File System
CFS is a way of encrypting entire directory trees and allowing users to store encrypted
files on them. It uses an NFS server running on the local machine. RPMS
are available at http://www.zedz.net/redhat/, and more information on how it all
works is at ftp://ftp.research.att.com/dist/mab/.
TCFS improves on CFS by adding more integration with the file system, so that
it’s transparent to users that the file system that is encrypted. More information at:
http://www.tcfs.it/.
It also need not be used on entire file systems. It works on directory trees as well.