Re: Renaming root account
From: Alec Berryman (alec_at_thened.net)
Date: 03/03/05
- Previous message: Craig Edwards: "Re: Renaming root account"
- In reply to: Craig Edwards: "Re: Renaming root account"
- Next in thread: Greg Barniskis: "Re: Renaming root account"
- Reply: Greg Barniskis: "Re: Renaming root account"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 3 Mar 2005 07:57:02 -0500 To: freebsd-security@freebsd.org
Craig Edwards on 2005-03-03 08:53:54 +0000:
> Basically i am aware of the fact that other systems (for example
> windows) let you change the administrative user's username to
> enhance security that little bit more.
On our networks we have certainly changed the Windows Administrator
account's name, but that's mostly because there's no good way to
remotely log in as an unprivileged user and perform the equivalent of
'su -'. [1]
I suggest that instead of changing root's username that you simply
disallow direct remote logins as root and require anyone who needs
root access to go through an unprivileged user account. I would
guess with the level of security measures you've put in place this has
already been done, but I didn't see you mention it. Certainly you
mentioned that changing root's username won't fool local users, but I
think that disallowing remote logins as root provides the same end as
changing the Administrator account on Windows.
> Security through obscurity on its own is not a good method of
> securing a network but when combined with other systems, it can be
> an advantage.
There's certainly nothing wrong with obscuring things a little as long
as it's only part of the whole security plan.
[1] I'm no Windows guru - if there is a way I'd certainly like to know!
- application/pgp-signature attachment: stored
- Previous message: Craig Edwards: "Re: Renaming root account"
- In reply to: Craig Edwards: "Re: Renaming root account"
- Next in thread: Greg Barniskis: "Re: Renaming root account"
- Reply: Greg Barniskis: "Re: Renaming root account"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
