Re: Security question - uids of 0
toor is a base system user. It is a default user. It is used for several reason and is secure as long as no one can access your console directly. On Monday 16 August 2004 09:57 am, James A. Coulter wrote: The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found this: root:*:0:0:Charlie :/root:/bin/csh toor:*:0:0:Bourne-again Superuser:/root: I am running FreeBSD 4.10 as a gateway/router/firewall with IPFW for a small home LAN. I ran ps -aux and looked for any processes owned by toor but didn't find any. Is this something to be concerned about? Sorry if this is an obvious question, but I am still very much a newbie and trying to learn what I can about security. Thanks for your patience, Jim ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Security question - uids of 0
The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found this: root:*:0:0:Charlie :/root:/bin/csh toor:*:0:0:Bourne-again Superuser:/root: I am running FreeBSD 4.10 as a gateway/router/firewall with IPFW for a small home LAN. I ran ps -aux and looked for any processes owned by toor but didn't find any. Is this something to be concerned about? Sorry if this is an obvious question, but I am still very much a newbie and trying to learn what I can about security. Thanks for your patience, Jim ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Security question - uids of 0
Hi James, The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found this: root:*:0:0:Charlie :/root:/bin/csh toor:*:0:0:Bourne-again Superuser:/root: I am running FreeBSD 4.10 as a gateway/router/firewall with IPFW for a small home LAN. I ran ps -aux and looked for any processes owned by toor but didn't find any. did you install bash? Normally, the bash from ports or packages will install the toor account so you don't have to change root's shell. If you installed bash then there's nothing to worry about this entry. If you don't need it, just use vipw and delete it. -volker ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Security question - uids of 0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James A. Coulter wrote: | The following appeared in my latest daily security run output: | | Checking for uids of 0: | root 0 | toor 0 | | This is the first time I've seen this message. | | I checked /etc/passwd and found this: | | root:*:0:0:Charlie :/root:/bin/csh | toor:*:0:0:Bourne-again Superuser:/root: | | I am running FreeBSD 4.10 as a gateway/router/firewall with IPFW for a small | home LAN. | | I ran ps -aux and looked for any processes owned by toor but didn't find any. | | Is this something to be concerned about? | | Sorry if this is an obvious question, but I am still very much a newbie | and trying to learn what I can about security. http://freebsd.active-venture.com/faq/security.html#TOOR-ACCOUNT - -- Siddhartha Jain (CISSP) Consulting Engineer Netmagic Solutions Pvt Ltd Bombay - 400063 Phone: +91-22-26850001 Ext.128 Fax : +91-22-26850002 http://www.netmagicsolutions.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBIM3MOGaxOP7knVwRAv1HAJ4+/67fLaZbpgR3U25vy9xGMLtelQCeKhdO iTuVWEHFhbH/n+1tXxNIYFY= =RBsX -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Security question - uids of 0
On Mon, Aug 16, 2004 at 09:57:37AM -0500, James A. Coulter wrote: The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found this: root:*:0:0:Charlie :/root:/bin/csh toor:*:0:0:Bourne-again Superuser:/root: I am running FreeBSD 4.10 as a gateway/router/firewall with IPFW for a small home LAN. I ran ps -aux and looked for any processes owned by toor but didn't find any. Is this something to be concerned about? Sorry if this is an obvious question, but I am still very much a newbie and trying to learn what I can about security. Thanks for your patience, http://www.freebsd.org/doc/faq/security.html#TOOR-ACCOUNT -Radek ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Security question - uids of 0
The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found this: root:*:0:0:Charlie :/root:/bin/csh toor:*:0:0:Bourne-again Superuser:/root: I am running FreeBSD 4.10 as a gateway/router/firewall with IPFW for a small home LAN. I ran ps -aux and looked for any processes owned by toor but didn't find any. Is this something to be concerned about? No. It is normal. It is one of the normal accounts put there in a standard install. It is essentially a root account by another name. Some things used to like to use it to own their installed stuff but avoid using root directly. I don't know if anything really does that any more. I sometimes use it as a model pw entry when in vipw for creating new accounts directly to help avoid missing a field. Sorry if this is an obvious question, but I am still very much a newbie and trying to learn what I can about security. This has been brought up and answered numerous times in the past. You might try and search for information on toor account. You should be able to find something. jerry Thanks for your patience, Jim ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Security question - uids of 0
On Mon, Aug 16, 2004 at 05:01:51PM +0200, Volker Kindermann wrote: Hi James, The following appeared in my latest daily security run output: Checking for uids of 0: root 0 toor 0 This is the first time I've seen this message. I checked /etc/passwd and found this: root:*:0:0:Charlie :/root:/bin/csh toor:*:0:0:Bourne-again Superuser:/root: I am running FreeBSD 4.10 as a gateway/router/firewall with IPFW for a small home LAN. I ran ps -aux and looked for any processes owned by toor but didn't find any. did you install bash? Normally, the bash from ports or packages will install the toor account so you don't have to change root's shell. If you installed bash then there's nothing to worry about this entry. If you don't need it, just use vipw and delete it. -volker Thank you Volker - I did install bash several weeks ago, so the sudden appearance of the message in my daily security run caught my attention. Thanks to everyone who sent the http://www.freebsd.org/doc/faq/security.html#TOOR-ACCOUNT link. Jim ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]