On my NT server, I never leave the admin account named Administrator.
As that seems to be the first thing people always try to mess with. So I usually have it named something very obscure.
I would have thought that someone who uses linux would already know that security through obscurity is a fiction that only microsoft believes anymore.
I would actually disagree. Security through obscurity works. Consider the example given. If a cracker does not know the administrator account name, nor the account name of any other user on the system, and he/she does not have physical access to the machine, how much more difficult is it for them to gain access to the machine than if they knew the admin account was simply names "administrator"? Probably difficult enough for them to give up and crack someone else's box instead. An alternate solution, and probably equally effective, for *nix is to prevent the root user from being able to login remotely. Instead, require a normal user login and a su to root. The helps immensely in tracking down who did what and when - especially if your logging is configured properly. -- John LeMay KC2KTH Senior Enterprise Consultant NJMC | http://www.njmc.com | Phone 732-557-4848 Specializing in Microsoft and Unix based solutions