Date: Tue, 1 Jan 2002 22:26:44 +0100 From: Cliff Sarginson <cliff@raggedclown.net> To: FreeBSD-questions@freebsd.org Subject: Re: Can I rename root? Message-ID: <20020101212644.GD3117@raggedclown.net> In-Reply-To: <20011231154733.A832@localhost> References: <20011229154552.B855@localhost> <20011230103317.A474@localhost> <20011231154733.A832@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Dec 31, 2001 at 03:47:33PM +0100, Rogier Steehouder wrote: > On 30-12-2001 10:33 (+0100), Rogier Steehouder wrote: > > On 29-12-2001 15:45 (+0100), Rogier Steehouder wrote: > > > A simple question: Can I rename root? > > > > I only got the advise: Don't. iThanks for the advise, but since noone > > knew any programs explicitly, I did it anyway. > > A short review of some of the comments I got (and my answers): > > - Some people suppose I do this as some sort of security measure: Security > by obscurity. (And isn't admin a bit predicatable then?) > > Well, obscurity helps of course, but it is no substitute for bad > maintenance. I know that and the main reason I wanted it changed was > easthetics. I like the new name better, so why wouldn't I be able to > change it. (And no, it's not 'admin'. That IS a bit predictable.) Mmm. "root" being such an ugly word ? You can always have another user with UID 0 you know, with a name to your taste. > > And Cliff, all that information you could find out about my system (and > more) has probably been mentioned earlier in the mailing list. If I want > usable tips, I have to give up some info, don't I? But I am curious how > you would determine my FreeBSD version in just a few seconds. This is easy to do, and also (sometimes) easy to prevent if you set your firewall up correctly. Unfortunately preventing it has a few conseqences that are a bit of a pain..but that is not the topic under discussion. > Besides, > half the info you mention I can extract from your mail headers as well > if you haven't faked them. You are missing the point. I am saying that as an attempt to prevent your system being cracked changing "root" is a non-starter. I was trying to point out the kind of information I have or could find out about you and say that is where crackers look to crack...as well as all the port scans etc etc.. Of course it is more or less useless to ask a question on such a list as this without saying something about your system ! The point is that effort is better spent on securing the system at a level where it matters. Despite all the "script-kiddies" there are a lot of people cracking systems who are very very knowledgeable, who probably dream about flaws they can find in the TCP/IP stack implementations. -- Regards Cliff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020101212644.GD3117>