Hello,

I have made a dedicated server contract recently with a hosting provider, the server is unmanaged and the hosting provider is responsible for network and hardware issues not software,
but they have set admin password and other administrative passwords and use it for some administrtive tasks, like adding new IPs and ...
I want to know if I can change the password and restrict them from accessing my server,
is it a routine thing in dedicated server providers to have an admin password on the server they sell?

Thank you for your replies,
ReZa

Read the agreement you signed.

Otherwise, tell them you do not want them managing your server and nuke/or/edit password for the account.

Also, it does help when they do have the password, because when you send in a support ticket they don't have to ask you for it.

I have 2 servers with an UGLY host called c1 host

The only way I could trust those servers is to change the root password and Not allowe "ci - support" to ever touch them.

But - I would never let www.VenturesOnline.com ask me twice for any server password :)

So, ReZa it all depends on your host.

If you don't trust the company that you're paying every month FOR the server to have your password, why are you even with them at all?

They have PHYSICAL access to your server.... more than likely you do not. It would take all of a min. for them to walk up, hook up a monitor and change the pass on your system (assuming it's a flavor of *nix). So you have no more privacy from your host (which again I would think you would trust above anyone else) than if they have an account on your system or not.

Yeah, it completely depends on the deal you've made, what level of administration your host will do on the box, ie. if they need the ability to go in and add IP's or make any kind of OS software updated, then they'll need a login. But on the other hand, if the box is truly unmanaged and they really have no business being logged in, then lock it down.

A couple of helpful links about securing a Windows server:

http://www.angelfire.com/scifi/danilody/windows/windows2k.html

http://www.analogx.com/contents/articles/ipsec.htm

http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/itsolutions/network/maintain/security/ipsecld.asp

.. If you start messing with IPSec be careful so you don't lock yourself out of the box.