Date: Mon, 21 May 2007 14:29:43 -0600 From: Chad Perrin <perrin@apotheon.com> To: questions@freebsd.org Subject: Re: just general questions about fbsd Message-ID: <20070521202943.GA94928@demeter.hydra> In-Reply-To: <465140C0.7070409@u.washington.edu> References: <20070520221917.GA91736@ezekiel.daleco.biz> <BMEDLGAENEKCJFGODFOCCEBHCAAA.tedm@toybox.placo.com> <1a9901c79b3c$4774abc0$6600a8c0@tamouh> <20070521044430.GB91151@demeter.hydra> <465140C0.7070409@u.washington.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, May 20, 2007 at 11:48:32PM -0700, Garrett Cooper wrote: > Chad Perrin wrote: > >On Sun, May 20, 2007 at 08:09:19PM -0400, Tamouh H. wrote: > >>On the other hand, Windows has the ability to change the administrator > >>user or completely disable it. Something not available in Unix systems. > >>For example, a cracker or hacker targeting UNIX system will automatically > >>try to compromise the "root" user. It is 100% guaranteed to be there. On > >>the other hand in Windows, good sys admins will rename or complete > >>disable the administrator user hence making it more difficult to know the > >>administrator user. > >> > > > >Actually . . . technically, root users can be renamed and can, in many > >ways, be disabled. They can certainly be made inaccessible remotely. > > > > That can break many scripts though, can't it, if the dev improperly > looks up the name, not the UID? Probably -- if you're talking about disabling or renaming the root account for users. I've never personally done it, so can't really comment on that. I have, however, generally made the root account inaccessible remotely -- and that hasn't cause me any problems at all. -- CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ] MacUser, Nov. 1990: "There comes a time in the history of any project when it becomes necessary to shoot the engineers and begin production."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070521202943.GA94928>