LinuxQuestions.org
Old 03-06-2005, 12:36 AM   #1
lmmix
Member
 
Registered: Feb 2005
Distribution: debian sid, blfs 6.0
Posts: 41

Rep: Reputation: 15
how to disable *any* remote login?


Hi, I am nervous because I exposed my user name.
How do I disable remote login attempts?

I have already disabled remote root login using securetty and unchecked '#' through /etc/security/access.conf.

And I have never used root login, always using su.

--
Thanks for reading.
 
Old 03-06-2005, 02:03 AM   #2
scott_R
Member
 
Registered: Jul 2003
Location: Brighton, Michigan, USA
Distribution: Lots of distros in the past, now Linux Mint
Posts: 748

Rep: Reputation: 31
I wouldn't worry about this too much, simply because unless you're a company or another attractive target, it's unlikely someone will target you. Running 'r' commands (rsh and others) would be dangerous, but that's rare these days. Simply keep an eye on your system, and react accordingly if you see someone attempting to use your username to access your password.

Personally, if it bothered me that much, I'd probably change my username (and set up a honeypot with that username), or one of a hundred other options. The danger of removing all remote access to your system is that you might inadvertently remove 127.0.0.1 access (your loopback), which means you're removing your own access to the system.

Another quick point. Revealing your username tends to be useless. The folks who can use it probably have a number of ways to jump into your system. The key here is to remember that almost all computer systems have a compromised username. For Windows, it's something like admin. For Linux, it's root. So don't panic too much, just keep an eye on potential attackers.

I'm not trying to knock security, just putting it into perspective. You could lock your entire system, but for a skilled expert, you'd cause more hassle to yourself than the attacker. In many ways, it's like locking your house before you leave. Anybody can break in, some with skill, some with brute force. The key is to make it more effort than it's worth, and make them move on. In that respect, most Linux systems have an advantage, simply because there are so many insecure MS Windows systems online.
 
Old 03-06-2005, 10:21 AM   #3
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
I'd disagree with a number of points.

Having the username significantly reduces the complexity of performing a bruteforce or dictionary attack against the system. That's part of the reason why you should always disallow remote root logins, because the username is exposed and is vulnerable to bruteforce. While bruteforcing a standard user doesn't have the same impact as getting root, it allows you access to the system, where you can still do nefarious things like set up UDP flooders, access password hashes, or run a local root exploit and gain root. If you look at the passwords hardcoded into the bruteforcessh2 tool it does attempt a number of non-root usernames, indicating that any access whatsoever is still important to crackers.

More in general, I'd disagree with the overall philosophy. Just because there are people out there capable of breaking into a hardened system, doesn't mean you shouldn't lock down an exposed system or maintain good security practices. By maintaining lax security standards you're increasing the number of people who are capable of cracking your system and their definition of what is "low-hanging fruit" might be quite different than a script kiddie's. It's also a real mistake to think that your system won't be targeted because it's not part of a corporation. Your system has lots of value, like sniffing passwords/credit card info or even just for the bandwidth it can add as part of a DDoS botnet.

lmmix:
I'd definitely change the username. If you'd like to disable remote login capabilities, just turn off any services that allow remote access like sshd or ftpd. You can't remotely log into a machine that doesn't run any services.
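
One way to verify the advice above, that no service is left listening for remote connections while loopback (127.0.0.1) stays untouched. This is an added example, not part of any post in this thread: `remote_listeners` is a hypothetical helper that reads text in the Linux `/proc/net/tcp` format (IPv4 only) and prints every listening socket not bound to loopback; the sample lines are constructed.

```shell
#!/bin/sh
# Constructed sample in /proc/net/tcp format: a loopback-only listener on
# port 25, a wildcard listener on 22, a LAN-bound listener on 21, and one
# established outbound connection that is not a listener at all.
sample_proc_net_tcp() {
cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1
   2: 0A00000A:0015 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003 1
   3: 0A00000A:C350 0200000A:0050 01 00000000:00000000 00:00000000 00000000  1000        0 1004 1
EOF
}

# Hypothetical helper: print "ip:port" for every TCP socket in state LISTEN
# (0A) whose local address is outside 127.0.0.0/8. Reads stdin.
remote_listeners() {
  awk '
    function hex2dec(h,  i, n) {
      n = 0; h = toupper(h)
      for (i = 1; i <= length(h); i++)
        n = n * 16 + index("0123456789ABCDEF", substr(h, i, 1)) - 1
      return n
    }
    $4 != "0A" { next }                 # skips the header and non-listeners
    {
      split($2, a, ":")
      # The address is little-endian hex: the last byte pair is the first octet.
      if (substr(a[1], 7, 2) == "7F") next      # loopback only, not reachable remotely
      ip = hex2dec(substr(a[1], 7, 2)) "." hex2dec(substr(a[1], 5, 2)) "." \
           hex2dec(substr(a[1], 3, 2)) "." hex2dec(substr(a[1], 1, 2))
      print ip ":" hex2dec(a[2])
    }
  '
}

# Run against the constructed sample; on a real host use:
#   remote_listeners < /proc/net/tcp
sample_proc_net_tcp | remote_listeners
```

An empty result means nothing on the host accepts IPv4 TCP logins from the network; IPv6 listeners live in `/proc/net/tcp6`, which this helper does not parse.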
 
Old 03-07-2005, 04:51 AM   #4
lmmix
Member
 
Registered: Feb 2005
Distribution: debian sid, blfs 6.0
Posts: 41

Original Poster
Rep: Reputation: 15
Thanks for the reply.

I had purged ssh, cron, nfs-common, exim4, pidentd, and a few packages a long time ago.
I hadn't installed ftp, telnet.

I am using firestarter, and chmoded 1xxx to xxx.

And now I am considering grsecurity patch 2.1.2
http://www.grsecurity.net/

And for the username, I wouldn't change it, I think they are good ppl/hackers (GNU),
guess that they don't even care about me.

And next time I will never do the stupid thing again.

--
 
  


All times are GMT -5. The time now is 04:32 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration