From owner-freebsd-questions Tue Jan 1 13:26:50 2002 Delivered-To: freebsd-questions@freebsd.org Received: from post.mail.nl.demon.net (post-10.mail.nl.demon.net [194.159.73.20]) by hub.freebsd.org (Postfix) with ESMTP id 0B30A37B420 for ; Tue, 1 Jan 2002 13:26:47 -0800 (PST) Received: from [212.238.194.207] (helo=tanya.raggedclown.net) by post.mail.nl.demon.net with esmtp (Exim 3.33 #1) id 16LWQn-0005s9-00 for FreeBSD-questions@freebsd.org; Tue, 01 Jan 2002 21:26:45 +0000 Received: by tanya.raggedclown.net (Postfix on SuSE Linux 7.3 (i386), from userid 500) id DD8ED10A0; Tue, 1 Jan 2002 22:26:44 +0100 (CET) Date: Tue, 1 Jan 2002 22:26:44 +0100 From: Cliff Sarginson To: FreeBSD-questions@freebsd.org Subject: Re: Can I rename root? Message-ID: <20020101212644.GD3117@raggedclown.net> References: <20011229154552.B855@localhost> <20011230103317.A474@localhost> <20011231154733.A832@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20011231154733.A832@localhost> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Dec 31, 2001 at 03:47:33PM +0100, Rogier Steehouder wrote: > On 30-12-2001 10:33 (+0100), Rogier Steehouder wrote: > > On 29-12-2001 15:45 (+0100), Rogier Steehouder wrote: > > > A simple question: Can I rename root? > > > > I only got the advise: Don't. iThanks for the advise, but since noone > > knew any programs explicitly, I did it anyway. > > A short review of some of the comments I got (and my answers): > > - Some people suppose I do this as some sort of security measure: Security > by obscurity. (And isn't admin a bit predicatable then?) > > Well, obscurity helps of course, but it is no substitute for bad > maintenance. I know that and the main reason I wanted it changed was > easthetics. I like the new name better, so why wouldn't I be able to > change it. (And no, it's not 'admin'. That IS a bit predictable.) Mmm. "root" being such an ugly word ? You can always have another user with UID 0 you know, with a name to your taste. > > And Cliff, all that information you could find out about my system (and > more) has probably been mentioned earlier in the mailing list. If I want > usable tips, I have to give up some info, don't I? But I am curious how > you would determine my FreeBSD version in just a few seconds. This is easy to do, and also (sometimes) easy to prevent if you set your firewall up correctly. Unfortunately preventing it has a few conseqences that are a bit of a pain..but that is not the topic under discussion. > Besides, > half the info you mention I can extract from your mail headers as well > if you haven't faked them. You are missing the point. I am saying that as an attempt to prevent your system being cracked changing "root" is a non-starter. I was trying to point out the kind of information I have or could find out about you and say that is where crackers look to crack...as well as all the port scans etc etc.. Of course it is more or less useless to ask a question on such a list as this without saying something about your system ! The point is that effort is better spent on securing the system at a level where it matters. Despite all the "script-kiddies" there are a lot of people cracking systems who are very very knowledgeable, who probably dream about flaws they can find in the TCP/IP stack implementations. -- Regards Cliff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message