[CentOS] Very strange problem i have faced in my 2 years carrier

Wed Sep 12 07:02:06 UTC 2007
Steven Haigh <netwiz at crc.id.au>

On 12/09/2007, at 4:25 PM, umair shakil wrote:
> Dear Concerns,
> I would like to share a very strange problem. I am from Pakistan/ 
> Islamabad. Last month i was on trainning
> from Askari Bank Limited (Juniper). Here in Askari i m running NMS-- 
> > MRTGs using CentOs 4.4. On trainning i recieved
> a call from collique saying
>  "when i "su -l" NMS says "root user doesnot exist". and also MRTGs  
> not working. well i was amazed how was it
> possible. In the Evening i came back to office. I boot the machine  
> in single user mode and type the command;
> less /etc/passwd
> here when i found that user root existed, but the only thing that  
> was amazing is;
> the spelling of root was changed from "root" to "R00t". i changed  
> to "root" and every thing worked.
> I want to ask, what is this, this doesnot seem a garbage value or  
> nor corruption of passwd file. only showing someone changes this.  
> Here we have bank private network, only two people have access  for  
> it  me and  another guy.
> what are your opinions??????

This is usually done to change the root account name to something  
else. This is most often done for security - as most hacking attempts  
use the username root. Changing this to something else means that all  
those attempts would fail. As long as the UID is set to 0, most  
system things won't care that the user root is now known as R00t.

Steven Haigh

Email: netwiz at crc.id.au
Web: http://www.crc.id.au
Phone: (03) 9017 0597 - 0412 935 897