Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: security scenario

From: Richard Arends <richard () unixguru nl>
Date: Tue, 28 Jan 2003 09:57:45 +0100 (CET)
On Fri, 24 Jan 2003, camthompson wrote:


consider this (I'm trying to make a network more secure) :
A user enters grub upon bootup and hits "e" to edit the Linux boot
procedure and then continues to boot into single user mode, and he then
chagnes the root password to whatever he suits.... the user who did this
is eventually tracked down and taken care of.

Now, how would I prevent this from happening in future instances?


You can also let Linux ask for the root password before going into single
user mode. Together with the BIOS / bootloader password, this could be a
showstopper for the not so smart user.

But stopping somebody to get into that machine who has physical access and
a bit knowledge, is almost impossible.

Regards,

Richard.

----
Paul Vixie in an interview with Sendmail.net:

Now that the Internet has the full spectrum of humanity as users,
the technology is showing its weakness: it was designed to be
used by friendly, smart people. Spammers, as an example of a class,
are neither friendly nor smart.
Previous By Date Next
Previous By Thread Next

Current thread: