Mailinglist Archive: opensuse (4749 mails)

< Previous Next >
Re: [SLE] Changing root?
  • From: John LeMay <jlemay@xxxxxxxx>
  • Date: Thu, 29 May 2003 02:12:31 -0400
  • Message-id: <3ED5A4CF.20303@xxxxxxxx>
On my NT server, I never leave the admin account named Administrator.
As that seems to be the first thing people always try to mess with.
So I usually have it named something very obscure.


I would have thought that someone who uses linux would already
know that security through obscurity is a fiction that only microsoft
believes anymore.

I would actually disagree. Security through obscurity works. Consider the example given. If a cracker does not know the administrator account name, nor the account name of any other user on the system, and he/she does not have physical access to the machine, how much more difficult is it for them to gain access to the machine than if they knew the admin account was simply names "administrator"? Probably difficult enough for them to give up and crack someone else's box instead.

An alternate solution, and probably equally effective, for *nix is to prevent the root user from being able to login remotely. Instead, require a normal user login and a su to root. The helps immensely in tracking down who did what and when - especially if your logging is configured properly.

--
John LeMay
KC2KTH
Senior Enterprise Consultant
NJMC | http://www.njmc.com | Phone 732-557-4848
Specializing in Microsoft and Unix based solutions


< Previous Next >
Follow Ups