Details
The DB2 service is installed with default accounts with well-known names such as db2admin, db2inst1, dasusr1, or db2fenc1. It is recommended that the use of these account names be avoided. The default accounts may be renamed and then used.
The use of default accounts may increase the DB2 service’s susceptibility to unauthorized access by an attacker.
Solution
For Windows:
1. Right-click over the %DB2PATH% and select Properties from the menu.
2. Go to the Security tab and re-assign all the user accounts with well-known default names to use non-default names.
For Linux, perform the following command:
chown -R
Notes:
Review the impact of changing the usernames before performing this global change.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.