LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-26-2007, 03:55 PM   #1
firehydra2k
LQ Newbie
 
Registered: Feb 2006
Posts: 6

Rep: Reputation: 0
Disable root access...


Hey,

I'm running Red Hat Enterprise AS 5 as a server. So far, I've got everything set up and working. I've disabled root access for wu-ftpd, sshd, and mysql. Problem is is that I can still log in as root through GUI ftp clients (yes, I still don't know which service I'm using on my server for ftp).

Is there a way to disable root access ultimately so that no one can connect remotely as the admin?
 
Old 03-26-2007, 04:01 PM   #2
pixellany
LQ Veteran
 
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,802

Rep: Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738
Who owns this machine--ie who is the SA? If it is you, then keep root access for yourself, and restrict the rights of OTHER USERS.

If someone else has access to the root account, what stops theme from walking up the machine and setting the permissions to their liking????
 
Old 03-26-2007, 04:07 PM   #3
firehydra2k
LQ Newbie
 
Registered: Feb 2006
Posts: 6

Original Poster
Rep: Reputation: 0
I'm the administrator, but the case is is that I can log on using a root password remotely. I don't want that capability period. I'm not worried about people walking up to the machine; the box is locked up anyways.
 
Old 03-26-2007, 05:01 PM   #4
x_terminat_or_3
Member
 
Registered: Mar 2007
Location: Plymouth, UK
Distribution: Fedora Core, RHEL, Arch
Posts: 342

Rep: Reputation: 38
Try nmap on your box and use the guessing feature to tell you exactly what programs are listening for incoming connections.

From outside your box,

nmap -sV yourhost

yourhost can be a FQDN or an IP address for your server.

Careful now! Be aware that scanning devices without permission is illegal in some countries. Be aware of the legislation of the country you are in, and the country the device being scanned is in. That said, doing nmap on a server that you administrate is, off course, 100% legal.
 
Old 03-26-2007, 05:42 PM   #5
osor
HCL Maintainer
 
Registered: Jan 2006
Distribution: (H)LFS, Gentoo
Posts: 2,450

Rep: Reputation: 75
Quote:
Originally Posted by x_terminat_or_3
Try nmap on your box and use the guessing feature to tell you exactly what programs are listening for incoming connections.

From outside your box,

nmap -sV yourhost

yourhost can be a FQDN or an IP address for your server.

Careful now! Be aware that scanning devices without permission is illegal in some countries. Be aware of the legislation of the country you are in, and the country the device being scanned is in. That said, doing nmap on a server that you administrate is, off course, 100% legal.
Or, from inside your box, do “ss -lp” or “netstat -lp” (it should give you all your listening sockets and the process that own them).
 
Old 03-27-2007, 02:19 AM   #6
x_terminat_or_3
Member
 
Registered: Mar 2007
Location: Plymouth, UK
Distribution: Fedora Core, RHEL, Arch
Posts: 342

Rep: Reputation: 38
Cool, didn't know there was nazi's in my box. Yet another tool for my toolbox. Thanks osor
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to disable root console and remote access. UltraSoul Solaris / OpenSolaris 1 02-09-2007 05:05 AM
How Do I Disable Ssh Access? 2kau Linux - Software 1 09-08-2006 04:05 PM
How can I disable root to ssh Soulstealer Linux - Security 2 12-12-2004 12:36 PM
I lose ftp access when I disable shell access for user captainObvious Linux - General 3 11-13-2004 06:49 PM
Disable Shell Access Manuel-H Linux - Software 3 06-22-2003 12:06 PM


All times are GMT -5. The time now is 07:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration