LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-08-2005, 02:55 PM   #1
future assassin
LQ Newbie
 
Registered: Jan 2003
Posts: 23

Rep: Reputation: 15
Complex user names


What do you guys think of using complex usernames for security? Everyone says use complex passwords but I havent hear anyone mantion user names. Reason Im asking is that i see once in a while a SSH attack on my server. The list usually includes generic names but never anything more creative.
 
Old 08-08-2005, 03:17 PM   #2
Vgui
Member
 
Registered: Apr 2005
Location: Canada
Distribution: Slackware
Posts: 496

Rep: Reputation: 31
If you are getting attacks on common names, then yes try out some complex ones and see if that makes a difference. I had heard of one person trying to change root to something else (in the hopes of stopping simple canned attacks). Maybe it will make a difference with the complex names, then again it could be fairly easy to maliciously find out the users on a system.
 
Old 08-08-2005, 06:26 PM   #3
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 51
It may help a little but these aren't brute force attacks you're seeing - they're just quick attempts to connect with either a blank password or a common bad-password like the word 'password' as a password. SSH uses challenge-response authentication which means it can (and does) enforce a delay after a wrong password and forces a disconnect after (by default) 3 wrong passwords. This makes brute-force dictionary or common password list attacks take too long to be practical.

A better solution might be to simply run the ssh daemon on a port other than 22, all ssh clients I know of can specify the port to connect to. I moved mine to another port and since then I've got no false connection attempts - it simply takes too long to scan even all the service ports of a computer for one that's open, so the script kiddies and crackers that do this only scan port 22.

Quote:
then again it could be fairly easy to maliciously find out the users on a system
Not through ssh its not. ssh has been specifically designed to not give any information about which usernames are valid on a system. Most other daemons have similar safeguards against giving out information like that about the system.
 
Old 08-08-2005, 10:48 PM   #4
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
Code:
PermitRootLogin no
in /etc/ssh/sshd_config. I cannot think of any reason to allow root login over ssh. And that will stop brute forcing of root in its tracks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
create unique user names sabapathys Linux - Software 1 05-12-2005 05:50 AM
User names with a dot? tplessers Linux - Newbie 20 08-29-2004 07:31 AM
Restore User names and passwords teeno Linux - General 2 03-24-2004 02:16 AM
How can user names be changed? petercool LQ Suggestions & Feedback 4 05-19-2003 08:59 AM
User names neo77777 General 8 08-10-2002 05:33 AM


All times are GMT -5. The time now is 06:29 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration