Re: changing root account name
From: Jose Nazario (jose@biocserver.BIOC.cwru.edu)Date: 10/30/01
- Previous message: Herbert Kwong: "chkrootkit-0.34 report"
- Next in thread: kam: "Re: changing root account name"
- Reply: kam: "Re: changing root account name"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 30 Oct 2001 17:25:07 -0500 (EST) From: Jose Nazario <jose@biocserver.BIOC.cwru.edu> To: Kurt Yoder <kylist@shcorp.com> Subject: Re: changing root account name Message-ID: <Pine.LNX.4.30.0110301723030.32481-100000@biocserver.BIOC.CWRU.Edu>
On Tue, 30 Oct 2001, Kurt Yoder wrote:
> Would there be any benefit in changing the account name of "root"? For
> instance, I could change the uid 0 account to have the name "foobar".
> Then, if someone were trying to break into the root account, they
> would have an additional step; instead of logging in as root, they'd
> first have to find out what the uid 0 account was called. Of course,
> "su" would always work, but an attempted root login via the network
> would be more difficult, right?
there are far more efficient ways to getting uid zero access rather than
using ssh target -l root or whatever. just smash a stacke or format your
own string on a process running as uid 0 and voila, you are uid 0.
changing the uid 0 login name is hardly worth doing. besides, a few pieces
of low quality software may expect uid 0 == root and hardcode that. your
move may break that.
hope that helps,
____________________________
jose nazario jose@cwru.edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
- Previous message: Herbert Kwong: "chkrootkit-0.34 report"
- Next in thread: kam: "Re: changing root account name"
- Reply: kam: "Re: changing root account name"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
