Date: Sun, 1 Feb 2004 13:55:13 +0200 From: Mike Jackson <mjj@isorauta.ntc.nokia.com> To: freebsd-questions@freebsd.org Subject: Re: toor & root Message-ID: <20040201115513.GD14872@isorauta.ntc.nokia.com> In-Reply-To: <200402011144.i11BivY14719@nalle.netsonic.fi> References: <20040201121928.3686fb5b.nypix33@virgilio.it> <200402011144.i11BivY14719@nalle.netsonic.fi>
next in thread | previous in thread | raw e-mail | index | archive | help
ext Markus Kovero (markus.kovero@grafikansi.fi) wrote: > Toor is for security paranoid people? Dunno, its way to get more secure from > most "script kiddie"-r00t-kit things. Does it btw have superuser id? The "toor" user is nothing more than a backup root account, in case your "root" account happens to get locked out for some odd reason. The "toor" user does not have a password by default, and is thus a disabled account. I normally add my own "root user" account, which serves the same purpose but helps auditing because that username appears in logfiles instead of "root" or "toor". The best way to protect against somebody trying to remotely hack root, other than the obvious of turning off unneeded services, is to disable remote root logins. Then to get root, you have to first login as a normal user and then su to root. Disable remote root logins in /etc/ttys by setting terminals to insecure. -- mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040201115513.GD14872>