Am 2006-12-15 16:04:50, schrieb Erik Persson: > Grok Mogger wrote: > >I've often seen this touted as a good security measure and I've always > >wondered why. I can think of a few possibilities, but I really don't > >know. Could someone please explain it to me? > > > >Thanks, > >- GM > > 1. When a hacker tries to attack a site he (or she) has to guess 2 > separate strings - the username and the password. The former is often > easier to guess and is not as well guarded. There is however a bit of > guessing involved in finding a username. For root this is not the case. > You don't have to guess the username "root" - it's always there. If you
You can rename "root" to "only.root.can.login" :-) Hackers will look realy bad, if no root is there... ...your ADMIN colegues too! I have done this on a Test-System in Paris too and they have tried to brutforce the machine several month without success. Thanks, Greetings and nice Day Michelle Konzack Systemadministrator Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ ##################### Debian GNU/Linux Consultant ##################### Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSM LinuxMichi 0033/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
signature.pgp
Description: Digital signature