[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: console access



Hi,

I forgot to mention that you should put the root system on a
write-protected (hardware) disk, like most SCSI disks, and use a RAM-disk
for all temporary stuff. (Otherwise someone will change the boot-record of
your disk and that's it). Also, don't use LILO unless you can disable all
input (don't use LILO, so I am no expert on securing LILO). The LILO
option init=/bin/sh makes all passwords and security obsolete.

Schlomo

On Thu, 29 Jan 1998, Peter L. Peres wrote:

> 
> After installing the machine and Linux, open the box, and set up the
> floppy drive to be floppy drive B:. BIOS can't boot from it that way.
> Change the setup in the BIOS. You will still be able to mount floppys with
> data. Then, close the box using special screws or purchase a computer
> anti-theft kit and use it. Check out Office Depot, I think they have them.
> This makes shure that noone can open the machine and change the setup
> back.
> 
> On Thu, 29 Jan 1998, Constantin Eizner wrote:
> 
> > How I can to prevent from another person to crash destroy or get root on
> > my Linux if I can't
> > to prevent direct access to console. Every body can  make boot from
> > floppy and ...
> > Even if I make floppy disable from BIOS Setup as you understand it not
> > problem to crack BIOS.
> 
> Just what do you mean by cracking the BIOS ? The BIOS password is secure
> if the case cannot be opened to short the battery and do the other obvious
> tricks.
> 
> On the other hand, if you have a set of determined opponents with the
> right tools, then they will perhaps anonymously email you a copy of the
> /root directory and all the passwords on the system in clear, just for
> laughs. It is possible that they will decide not to return the hardware,
> though. It has happened before, apparently.
> 
> hope this helps,
> 	Peter
> 
> 
>