Re: Rename root to avoid hacking?
From: Colin McKinnon (colin.deletethis_at_andthis.mms3.com)
Date: 09/22/05
- Next message: Rick Moen: "Re: Rename root to avoid hacking?"
- Previous message: matt_left_coast: "Re: Rename root to avoid hacking?"
- In reply to: Vilmos Soti: "Re: Rename root to avoid hacking?"
- Next in thread: Carlos Moreno: "Re: Rename root to avoid hacking?"
- Reply: Carlos Moreno: "Re: Rename root to avoid hacking?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 22 Sep 2005 09:17:57 +0100
Vilmos Soti wrote:
> Noozer <dont.spam@me.here> wrote:
>
>> If I rename root, it eliminates a known user for a hacker to try to break
>> in as.
>
> Another thing I was thinking about was to rename /bin/sh to something
> else since a lot of exploits contain an 'exec /bin/sh' in some form.
>
> But I discarded the idea, since while it could be a relative effective
> way to stop automated attacks, it would also render my box unusable
> since a lot of legal (on my box) programs also have 'exec /bin/sh'.
>
> Renaming root or /bin/sh is not the best way to protect your box.
> It will cause a lot of headache, and at the end, you will undo your
> "security" change.
>
It's certainly not a starting point for securing a box. And I agree that it
has limited value. Yeah "root" provides a convenient starting point for
dictionary attacks, but who in their right mind actually allows users to
logon as root anywhere but on the console? (OK, SuSE for one - the default
sshd_config permits root logins).
C.
- Next message: Rick Moen: "Re: Rename root to avoid hacking?"
- Previous message: matt_left_coast: "Re: Rename root to avoid hacking?"
- In reply to: Vilmos Soti: "Re: Rename root to avoid hacking?"
- Next in thread: Carlos Moreno: "Re: Rename root to avoid hacking?"
- Reply: Carlos Moreno: "Re: Rename root to avoid hacking?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
