From owner-freebsd-questions Sun Dec 30 16: 4: 4 2001 Delivered-To: freebsd-questions@freebsd.org Received: from sage-american.com (sage-american.com [216.122.141.44]) by hub.freebsd.org (Postfix) with ESMTP id C837537B405 for ; Sun, 30 Dec 2001 16:04:00 -0800 (PST) Received: from SAGEONE (adsl-64-219-21-136.dsl.crchtx.swbell.net [64.219.21.136]) by sage-american.com (8.9.3/8.9.3) with SMTP id SAA18753; Sun, 30 Dec 2001 18:03:55 -0600 (CST) Message-Id: <3.0.5.32.20011230180352.01797558@mail.sage-american.com> X-Sender: jacks@mail.sage-american.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Sun, 30 Dec 2001 18:03:52 -0600 To: Cliff Sarginson , FreeBSD-questions@FreeBSD.ORG From: jacks@sage-american.com Subject: Re: Can I rename root? In-Reply-To: <20011230213122.GB1245@raggedclown.net> References: <200112302056.fBUKujU15646@berbee.com> <20011229154552.B855@localhost> <20011230103317.A474@localhost> <200112302041.NAA21129@cepheus.azstarnet.com> <200112302056.fBUKujU15646@berbee.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Cliff: That's EXACTLY what I thought this was all about, because it didn't make any other sense! This is a good way to look for tips to break security.... At 10:31 PM 12.30.2001 +0100, Cliff Sarginson wrote: >On Sun, Dec 30, 2001 at 02:56:31PM -0600, Rob Zietlow wrote: >> On Sunday 30 December 2001 02:41 pm, Jeffrey wrote: >> > On Sunday 30 December 2001 02:33 am, Rogier Steehouder wrote: > >To repeat, it is pointless. >Security through obscurity is an illusion. > >Besides which, few crackers try to crack passwords, if chosen >well it can take years. They go for holes in programs. > >Imagine I am a cracker, I surf this list because I know I >can hear tips, pick up on security issues. > >I now know: > - You have renamed root (that will really have the crackers shitting > their pants) > - You use Postfix > - You told me all this in your mail... > >> /etc/aliases I had already redirected root to my regular user: >> no problem >> /etc/crontab Replaced 'root' with 'admin' >> /etc/ftpusers Not critical, but added 'admin' >> /etc/gettytab User for autologin >> /etc/inetd Don't use it >> /etc/login.access Small change >> /etc/login.conf Has a special entry for root >> /etc/rc Changed 'chown root:wheel' in 'chown > 0:0' >> /etc/security Don't use it >> /etc/syslog Small change >> /usr/local/etc/postfix/postfix-script >> Some minor changes >> /usr/local/etc/webmin/... >> Starts some daemons as root > >I know your email address. >If you have a domain I can find it and your IP. >I know who your ISP is and what O/S they use. >I can find out what DNS you use, and your Mail Exchanger. >I could make some guesses at your login name. >actually, and probably guess you are in group "wheel". > >I know what MUA you use. >I know your run FreeBSD, and could probably find the version >in a few seconds. > >I could go on...changing root's name will achieve *nothing* of >any value. Sooner or later it will confuse you. > >Just reduce root access to the minimum, and disallow external >access to it. > >And learn something about security. > >-- >Regards >Cliff > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > > Best regards, Jack L. Stone, Server Admin Sage-American http://www.sage-american.com jacks@sage-american.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message