Thread: My Unix/Linux SECURITY SOLUTION - pls read

  1. #1
    Registered User
    Join Date
    Nov 2001

    My Unix/Linux SECURITY SOLUTION - pls read

    I recently had my linux server hacked into and after reading over all the information I could find about how root kits work I've come up now with a VERY SIMPLE but VERY GOOD Unix security solution.

    It seems most of these hacks rely on gaining UID (0) access - or root access.

    Here's my solution - how about during installation of Linux (any Unix) on a server that during installation and setup a random UID be assigned root priveledges and do away with the (0) UID idea - it seems to me that giving hackers a known UID to try to obtain - does half the job for them. If they have no idea what UID has root priveledges then its going to be a Heck of a lot harder to hack a system.

    Also do away with the username "root" altogether. Again it just makes it so much easier for the hacker since half the jobs done for them, they only have to guess the password. Why not let the administrator select their own username to be the traditional "root" during installation !!!!

    I hope someone reads this! The way things are now, especially with the way the world is going - hackers are laughing. With all the terrorism, etc around - servers are too vulnerable - I think this could be a simple and effective solution.
    Last edited by bjdea1; 04-02-2004 at 03:26 AM.

  2. #2
    Join Date
    Feb 2003
    uhm.... with the exception of root kits, if you have cryptography and a GOOD password(12-16 characters that contain alpha-numeric and special chars[like '$']), it will actually take 3-4 years for a computer today running john or brutus etc. to crack it(during which time you will already have changed your pass hopefully).

  3. #3
    Registered User linuxdude's Avatar
    Join Date
    Mar 2003
    Linux runs the MD5 encryption you it takes forever to crack(basically)

  4. #4
    Registered User
    Join Date
    Aug 2003
    This isn't a solution at all. For one, it's security by obscurity. Two, you can freely read the UID root from /etc/passwd. Three, if you restrict services to encrypted ones (like SSH) or tunnel them through secure ones, it becomes 50 times harder to even get in. And four, restricting the root user power has already been thought off, and implemented. Take a look at the security patches for the kernel, like LIDS and grsecurity.
    Sigh, nothing ever works the first try.

    Register Linux User #314127

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Read Array pro!!Plz help!!
    By Supra in forum C Programming
    Replies: 2
    Last Post: 03-04-2002, 03:49 PM
  2. Serial Communications in C
    By ExDigit in forum Windows Programming
    Replies: 7
    Last Post: 01-09-2002, 10:52 AM
  3. read data
    By in_need in forum C Programming
    Replies: 2
    Last Post: 10-30-2001, 08:10 AM
  4. Help! Can't read decimal number
    By Unregistered in forum C Programming
    Replies: 2
    Last Post: 09-07-2001, 02:09 AM