Hi again everyone! Thanks to ALL that responded to my query on changing the name for the root user. Some very interesting replies indeed! I have a new installation of SuSE 8.1 professional to do ASAP. May try some of your suggestions then, with a clean installation. I'll keep you posted (if you'll pardon the pun!) Thanks again, Keith Roberts

Surely it would be more difficult for any attacker to break into Linux if they did not know the username for the root account? I just wondered if it was possible to make root logins MUCH more secure with the following suggestions.

When a NEW installation of Linux is done, allow the root user to select their -*OWN*- unique username for the root account in YaST, instead of the default 'root' username. Disallow the use of username 'root' for ALL root superuser logins. When a superuser logs in, they provide the unique username that they chose when installing Linux, e.g. under YaST. Each login program would need to be modified to reject the username of 'root'. The login program then checks, say, the password file for the unique root alias name (provided by the superuser at installation time) and matches this up with the root account. If a matching root alias and a valid password for that alias name are present, then the superuser gets logged into the root account. The root account need not be touched in any way. The superuser alias name is just used as a 'WRAPPER' to protect the username of root for login purposes only.

Would this be feasible to implement? This may have been implemented already. If it has, please let me know. Thank you, Keith Roberts.
On Fri, 17 Jan 2003 keith.anthony.roberts@bigfoot.com wrote:
Surely it would be more difficult for any attacker to break into Linux if they did not know the username for the root account?
Just one more command necessary: /bin/cat /etc/passwd, and soon I'll see which username is used for UID 0; that's it. I have not followed all replies in detail, but root is just a name, i.e. you may replace it by any other valid username. In theory it will work; in practice you'll have problems with some programs (in particular those which use root as username instead of UID 0). Things might get more complicated for attackers if you use for example LDAP as authentication, there it's not that simple to get valid usernames. Achim
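Achim's point, that any local user can read /etc/passwd and find whichever name carries UID 0, is the same check a defender runs as an audit: rather than caring what the superuser is called, list every account whose UID is 0 and flag anything unexpected. The following is an added example, not code from the thread; the passwd text it parses is constructed for the demonstration (a renamed superuser plus a second UID-0 account), and on a real host you would point it at /etc/passwd.

```python
"""Audit helper: list every account with UID 0 in passwd-format text.

Added example, not code from the thread. SAMPLE_PASSWD is constructed:
the superuser has been renamed to "sysadm" and a second UID-0 account
"toor" exists, so nothing is literally called "root".
"""
import sys
from typing import Dict, List

SAMPLE_PASSWD = """\
sysadm:x:0:0:Superuser:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
toor:x:0:0:Backup superuser:/root:/bin/sh
keith:x:1000:100:Keith Roberts:/home/keith:/bin/bash
# comment lines and blank lines are skipped

"""


def parse_passwd(text: str) -> List[Dict[str, object]]:
    """Parse the classic 7-field passwd format into a list of dicts."""
    entries: List[Dict[str, object]] = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        name, _pw, uid, gid, gecos, home, shell = fields
        entries.append({
            "name": name,
            "uid": int(uid),
            "gid": int(gid),
            "gecos": gecos,
            "home": home,
            "shell": shell,
        })
    return entries


def uid0_accounts(text: str) -> List[str]:
    """Names of all accounts that map to UID 0, whatever they are called."""
    return [str(e["name"]) for e in parse_passwd(text) if e["uid"] == 0]


def audit(text: str) -> List[str]:
    """Human-readable findings about superuser accounts in the passwd text."""
    names = uid0_accounts(text)
    findings = [f"UID 0 account: {n}" for n in names]
    if "root" not in names:
        findings.append("no account named 'root' has UID 0 (superuser was renamed)")
    if len(names) != 1:
        findings.append(f"{len(names)} UID 0 accounts present; expected exactly 1")
    return findings


if __name__ == "__main__":
    # Usage: python audit_uid0.py [/etc/passwd]; without an argument the
    # constructed sample is audited.
    source = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_PASSWD
    for finding in audit(source):
        print(finding)
```

Renaming the account changes none of the findings: the rename is visible in one line of output, and a second UID-0 entry is caught regardless of what name it was given.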
* Achim Hoffmann wrote on Thu, Jan 23, 2003 at 23:15 +0100:
Things might get more complicated for attackers if you use for example LDAP as authentication, there it's not that simple to get valid usernames.
Yes, interesting point. But in practice I still think that there is a name (claim) and a secret (proof), and to get it clear, the secret is secret :) oki, Steffen -- This message was generated by machine and therefore bears neither signature nor seal.
On Fri, 24 Jan 2003, Steffen Dettmer wrote:
* Achim Hoffmann wrote on Thu, Jan 23, 2003 at 23:15 +0100:
Things might get more complicated for attackers if you use for example LDAP as authentication, there it's not that simple to get valid usernames.
Yes, interesting point. But in practice I still think that there is a name (claim) and a secret (proof), and to get it clear, the secret is secret :)
LDAP can be configured to return inexpressive errors (for example: "invalid login") for any combination of: valid username, valid password, unknown username, invalid password (where the tuple valid username with valid password succeeds, of course :) This way at least the username must be known (claimed); guessing is worthless or results in a brute force attack. (Not sure about OpenLDAP for now.) Achim
* Achim Hoffmann wrote on Sat, Jan 25, 2003 at 18:08 +0100:
On Fri, 24 Jan 2003, Steffen Dettmer wrote:
* Achim Hoffmann wrote on Thu, Jan 23, 2003 at 23:15 +0100:
Things might get more complicated for attackers if you use for example LDAP as authentication, there it's not that simple to get valid usernames.
Yes, interesting point. But in practice I still think that there is a name (claim) and a secret (proof), and to get it clear, the secret is secret :)
LDAP can be configured to return inexpressive errors
This way at least the username must be known (claimed); guessing is worthless or results in a brute force attack.
The same applies for good login / authentication services: normally you should not learn whether the password or already the username is wrong. KDM is an exception; here you can usually see if a username exists (since the default session is read before the password is entered). But here you have the claim to be some user, and you have to prove your identity by proving that you know a secret, the password. oki, Steffen -- This message was generated by machine and therefore bears neither signature nor seal.
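The property Achim and Steffen describe, a single "invalid login" result whether the name is unknown or the secret is wrong, is easy to get subtly wrong: even with one error string, a service that skips the password hashing for unknown users answers faster and leaks the same bit through timing. The block below is an added example, not code from the thread or from any LDAP or KDM implementation; it stands in for the login service with a constructed in-memory user table and PBKDF2 hashes, and shows a leaky check beside the uniform one.

```python
"""Uniform-response login check versus a leaky one.

Added example, not code from the thread. USERS is a constructed user table
standing in for the directory or passwd backend a real login service uses.
"""
import hashlib
import hmac
import os
from typing import Dict, Tuple

ITERATIONS = 100_000
GENERIC_FAILURE = "invalid login"


def hash_password(password: str, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256; the slow step that must run for every attempt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_user(password: str) -> Tuple[bytes, bytes]:
    """Return (salt, hash) for a new account."""
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


# Constructed user table: username -> (salt, hash). The superuser has been
# renamed to "sysadm" as in the thread; the name still has to be claimed.
USERS: Dict[str, Tuple[bytes, bytes]] = {
    "sysadm": make_user("correct horse battery staple"),
    "keith": make_user("hunter2"),
}

# Dummy credentials for unknown names. A random secret means no password can
# match them, but hashing against them costs the same time as a real user.
_DUMMY_SALT, _DUMMY_HASH = make_user(os.urandom(32).hex())


def leaky_authenticate(username: str, password: str) -> Tuple[bool, str]:
    """The KDM-style behaviour: the reply itself tells you whether the
    username exists, and unknown names return early without hashing."""
    if username not in USERS:
        return False, "no such user"
    salt, expected = USERS[username]
    if hash_password(password, salt) != expected:
        return False, "wrong password"
    return True, "ok"


def authenticate(username: str, password: str) -> Tuple[bool, str]:
    """Uniform behaviour: same message and same hashing work in every
    failure case; success requires both a real name and a matching secret."""
    salt, expected = USERS.get(username, (_DUMMY_SALT, _DUMMY_HASH))
    candidate = hash_password(password, salt)
    # Constant-time comparison so the match itself is not a timing oracle.
    matched = hmac.compare_digest(candidate, expected)
    if matched and username in USERS:
        return True, "ok"
    return False, GENERIC_FAILURE


if __name__ == "__main__":
    for name, pw in [("sysadm", "correct horse battery staple"),
                     ("sysadm", "wrong"), ("nobody", "wrong")]:
        print(f"leaky   {name!r:10} -> {leaky_authenticate(name, pw)}")
        print(f"uniform {name!r:10} -> {authenticate(name, pw)}")
```

With the uniform variant an attacker who does not know the superuser's chosen name gets no confirmation from the login service that any particular name exists, which is the only situation in which renaming root buys anything at all; rate limiting or lockout on repeated failures is still needed, because the generic reply turns enumeration into the brute-force attack Achim mentions rather than preventing it.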