-5

The administrator account can be renamed, which means the hacker needs to figure out two pieces of information: the user name and the password, while there is always one root account in Linux named root.

Ulkoma
  • `The administrator account can be renamed` That's true on both Windows and Linux. Don't often see it done on either system. Of course, every Linux distro I've used has done 1 of the following: (a) Disabled root login by default, or (b) had the user decide on a root password during install (that they could change later). So what if someone knows there's probably a root account? If the password is a 38-character passphrase, the universe will have ended fifteen times over before they guess it. – Parthian Shot Aug 10 '14 at 16:24
  • 1
    Plus, what is the threat model? If someone has physical access, and they're being presented with a login prompt, chances are they can just pull out the (unencrypted) hard drive or read the (unencrypted) memory contents directly. If they're over a network, who the hell allows root logins via SSH? Or doesn't lock down their webserver sufficiently that guessing the password cold would be really, really hard? – Parthian Shot Aug 10 '14 at 16:26
  • 1
    I feel like it's [Halloween](http://en.wikipedia.org/wiki/Halloween_documents) already... – Parthian Shot Aug 10 '14 at 16:29
  • I have read in Mike Meyers' Certification Passport series of books that it's a recommended practice to change the administrators account name in MS Windows, also I know that it's not recommended to change the root account name in Linux, hence my question – Ulkoma Aug 10 '14 at 17:09
  • No need to make fun of me, nobody is perfect – Ulkoma Aug 10 '14 at 17:10
  • I didn't mean to make fun of you, it just seemed like FUD. `it's a recommended practice to change the administrators account name in MS Windows` Right. That's the recommended practice, but (I would guess) not for a security reason. As `dr jimbob` mentioned in his comment below, changing parameters like that makes it easier to cut down on log sizes, but in and of itself it doesn't really provide security. It's a best practice for a good reason, and it does add to defense in depth, but as security measures go it's pretty weak. Like telling telemarketers to take you off their list. – Parthian Shot Aug 10 '14 at 18:23

3 Answers

2

Security through obscurity (like "hiding" the administrator's account under another name) could at most delay any attack by a few minutes, but does not increase your real level of security at all.

Root accounts usually cannot log in remotely and in most cases their passwords are disabled by default, so any attack using "root" as username will not succeed on such machines. On the other hand, I have seen plenty of Windows machines that will gladly disclose all the local accounts upon request, letting the attacker know the new administrator's name in no time.

NuTTyX
  • Agree, you should never rely on obscurity for your security. That said, obscurity often doesn't hurt (sometimes comes at expense of usability) and helps as a default when users pick bad passwords. Guessing a user name from M possibilities and password from N choices is a tougher task, means it takes MN work instead of just N. Yes, your username often is not secret in a targeted attack (where they have usernames associated with your IP address from other systems), but there are plenty of non-targeted attacks out there (leave an ssh server on port 22 facing the internet and see the attempts). – dr jimbob Aug 10 '14 at 20:25
  • Of course doing such methods will help, mainly in non-targeted attacks, but I would not count them as a **security** feature. – NuTTyX Aug 10 '14 at 20:40
1

Nope.

Because, strictly speaking, nothing prevents you from renaming the root account on Linux too. The name is just a record in the /etc/passwd file. It might lead to some incompatibilities in software, but that should be rare.

JimiDini
  • 1
    "but that should be rare." Not that rare, unfortunately. Mostly install scripts that check the username is root rather than checking the UID = 0. However, that's bad userland software design, not bad O/S design. – Parthian Shot Aug 10 '14 at 16:19
1

Many flavors of Linux (e.g., Ubuntu) by default disable password login to the root account, but let the primary account elevate to root permissions by prefixing commands with sudo and entering that account's password.

https://help.ubuntu.com/community/RootSudo

Parthian Shot
dr jimbob
  • 1
    It's better to say "does not allow logging into the root account directly". "does not set a password" can be interpreted incorrectly. – JimiDini Aug 10 '14 at 15:38
  • Additionally, there's the point that the username isn't the bit that's supposed to need to be secret, anyway. – Parthian Shot Aug 10 '14 at 16:17
  • @JimiDini - Well, you can switch to the root account with `sudo su -`; it's just that when the password is not set, you can't log in to the root account by knowing an unset root password. @Parthian Shot, I agree with Kerckhoffs's principle in general, especially for analyzing security of a system. Granted, in practice, it often drastically cuts down on crud in your logs if you do simple restrictions (change SSH from port 22, don't have a user named root or other common names). – dr jimbob Aug 10 '14 at 16:44
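
An added example, not part of the thread or of any project's code, for two points made in the answers above: the superuser is whoever holds UID 0 in /etc/passwd rather than whoever is named root (the install-script problem from the comments), and a root account whose password is disabled shows up as a locked field in the shadow file. The passwd and shadow contents, the account names sysmaint, alice and guest, and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample data (not from a real host): the superuser has been
# renamed to "sysmaint" and an unprivileged account happens to be called "root".
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/passwd" <<'EOF'
sysmaint:x:0:0:renamed superuser:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
guest:x:1001:1001:Guest:/home/guest:/bin/bash
root:x:1002:1002:not the superuser:/home/root:/bin/bash
EOF
cat > "$SAMPLE_DIR/shadow" <<'EOF'
sysmaint:!:19000:0:99999:7:::
alice:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
guest::19000:0:99999:7:::
root:*:19000:0:99999:7:::
EOF

# Every account with UID 0, whatever it is called.
uid0_accounts() {
    awk -F: '$3 ~ /^0+$/ { print $1 }' "$1"
}

# Succeeds only if account $2 in passwd file $1 has UID 0 (a name check such
# as [ "$USER" = root ] gets both sysmaint and root wrong on this sample).
is_superuser() {
    awk -F: -v u="$2" '$1 == u && $3 ~ /^0+$/ { ok = 1 } END { exit !ok }' "$1"
}

# Classify field 2 of shadow file $1 for account $2:
#   locked = starts with ! or *, so no password can ever match
#   empty  = no password required
#   set    = a password hash is present
# A locked password does not block other login methods such as SSH keys.
password_state() {
    awk -F: -v u="$2" '$1 == u {
        if ($2 == "") print "empty"
        else if ($2 ~ /^[!*]/) print "locked"
        else print "set"
    }' "$1"
}

# One line per UID 0 account with its password state.
audit() {
    for name in $(uid0_accounts "$1"); do
        printf '%s uid=0 password=%s\n' "$name" "$(password_state "$2" "$name")"
    done
}

audit "$SAMPLE_DIR/passwd" "$SAMPLE_DIR/shadow"
```

On a real system the same functions take /etc/passwd and /etc/shadow as arguments; reading the shadow file requires root.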