This section deals with the basics regarding computer accounts.
Accounts are a way of identifying users to a computer system. Other terms you may see or here are IDs, user IDs, logins, or some other variant. Most systems, when initially accessed, will require you to provide an account name, and will usually require you follow up with a password. Not knowing a password sucks, but not knowing a valid account name sucks more.
Account names are usually something either very common: such as a part of the user's name like tshimomura or kmitnick, part of a user's function like dbadmin or webmaster, or sometimes kind of goofy such as employee numbers like u121, or something made up like up-uat or imnsho. Usually, if you can find out one or two regular user account names, it might be possible to guess additional names -- particularly if employee numbers or account numbers are used.
Accounts can usually be divided up into four categories -- god, special, regular, and guest. A god account can usually do anything system-wise, from adding more users to changing anybody's password to complete system reconfiguration. As a hacker, this is typically your objective. Special accounts are usually either accounts used by the system itself or accounts that fulfill some type of administrative roll without full god access. Regular accounts are simply that -- the accounts used by regular users for their normal tasks. And guest accounts are accounts designed for anyone to use -- these are usually there as a convenience for those who do not have a regular account on the system. A good example of this is anonymous FTP. Typically, guest accounts have fairly restrictive access to the system, especially on publicly accessible systems.
Groups are simply groupings of users. They are primarily used to ease system administration. For example, instead of having to assign access to a new hard drive to the forty accounting users, an admin just has to assign the accounting group the access. Even special privileges can often be assigned by group, such as the ability to manage a set of programs or system functions like printing.
Most modern systems allow accounts to belong to more than one group.
Top | Next: Password Basics | Previous: Attack Basics | Table of Contents