Prevent root from logging on directly

Accounts -- especially those of super users -- should never be shared. Sharing accounts makes logging and accountability difficult. However, on most Unix systems, the only "super user" account is the "root" account. To facilitate meaningful logging and monitoring, Unix administrators should always log on with their regular user account and then use su to switch to the root account.

In addition to increased accountability, this process prevents malicious users from remotely logging into the most powerful account. This is especially important in Unix because the most powerful username, root, is well-known and often not changed.

This setting forces super users to follow the su process.

Please click here to ask Chris for guidance on this test or the results that you received.

6-10

	New
Active Directory Date Converter
Unix Timestamp Date Converter
Unix Security Analyzer
Windows Security Analyzer
NIST SP 800-63 password policy compliance checker

	Sponsors

	News: Schneier
Parental Fears vs. Realities Consumerization and Corporate IT Security Terrorism Entrapment UAE Man-in-the-Middle Attack Against SSL Successful Attack Against a Quantum Cryptography System

	News: SecurityFocus
News: Change in Focus News: Twitter attacker had proper credentials News: PhotoDNA scans images for child abuse News: Conficker data highlights infected networks Brief: Google offers bounty on browser bugs

	News: CBC
2 asteroids fly near Earth Teens' styrofoam study wins water prize Google debuts Instant predictive search engine Bay of Fundy may get world's largest turbine Mobilicity files complaint about Rogers' Chatr

	News: CNN
Google launches 'Instant' search Stop those boneheaded Facebook comments Call 911? Maybe not from a cell phone 5 just-plain-weird video games

	Statistics

	Farmington, CT

	Edmonton, AB

	Oakland, CA