Re: [cobalt-security] Re: changing "admin" login defualt

[Theodore Jones <theoj@xxxxxxxxxxxxx>]

Thanks HP,

Valid points.  I guess I'll hope also that Jeff or someobody from Cobalt can
comment on this...

~ Theo


"H.P. Stroebel" wrote:

> > From: Theodore Jones <theoj@xxxxxxxxxxxxx>
> > To: "Cobalt Security Disc." <cobalt-security@xxxxxxxxxxxxxxx>
> > Subject: [cobalt-security] changing "admin" login defualt
> >
> > I was just wondering last night if there is a way to change the
> > login-name of "admin", the one I think the RaQ3 is defualted to....
> > Specifically, this is the login-pw combo you use to get into the
> > web-based admin system of the unit when you set it up.  If a smart
> > hacker wanted to, they could either easily guess the login-name-half and
> > then try any number of passwords on that or they could also read the
> > documentation provided from the cobalt website and figure out the
> > defualt port number for administration as well as maybe the admin
> > defaulted name....
>
> i had the same thought. as i am afraid to mess up the cobalt`s gui
> functions, i decided to change the message in the .htaccess file
> (displayed in the browser`s authentication window) from "Cobalt RaQ"
> to "Private Area" (don`t remember where the file was...), and changed
> the default error 404 site, to make it a bit more difficult to guess
> that it`s a raq.
>
> --
>
> H. P.  Ströbel
>
> PGP Digital Fingerprint :
> 58E0 6ECB 620A A689 E206
> BCA8 300F BC45 6EEC F7C3
>
> Yes, I do. But not Yahoo.
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security