cross-platform virus
John
dingo at coco2.arach.net.au
Mon Apr 10 02:20:28 BST 2006
Sasha Tsykin wrote:
>
>>
>> Want to crack a box? Everyone has a root account, you only need to
>> crack the password. Want to crack an Ubuntu box? First, guess the
>> username, /then/ you can move to cracking the password. An extra
>> security step is involved wherein one doesn't even have something (root)
>> to start with. It's would take a hell of a dictionary attack to get a
>> strange username and password.
>>
>> Cybe R. Wizard
>
> the difference is not material. Enterprise servers always have root
> accounts, not sudo, and they are teh most secure machines available.
> Nice theory, not really applicable in practice.
I'm a Windows 2003 Server admin. I _can_ disable the "administrator"
account, I "can" create a user account (eg crwiz) with whatever
administrative powers I wish etc.
When I install Windows XP Professional SP2 I _must_ create a user
account, just as on U, and that user is an administrator. I _can_
disable or rename the original administrator.
Sasha, Ask your Dad, "Does OSIV/F4 have root accounts?"
For the others, and answer is, "No." (OSIV is/was Fujitsu's
reimplementation of MVS).
Windows has "runas," which implements the sudo concept.
I'm also a Mac administrator.
When I install OS X, I find the root account disabled. Individual users
who have administrator rights authenticate as themselves using sudo so
as to run administrator tasks.
I'm also a Linux administrator. Mostly, I disable root and use sudo. (I
also disable sulogin where it's used).
More information about the sounder
mailing list