Full Disclosure mailing list archives

Re: SAM Switch - Win2k/XP password-less login

From: Steve Ames <steve () energistic com>
Date: Thu, 25 Sep 2003 13:47:58 -0500

On Thu, Sep 25, 2003 at 11:34:40AM -0500, Schmehl, Paul L wrote:

backdoor passwords "in case of emergency", and all BIOSes can be easily
reset to default passwordless configuration.


Without knowing the password you couldn't put the password back 
correctly so it would be obvious that the BIOS had been reset. Doesn't
fix the problem by any means but does perhaps leave a track.

If your server reboots for no reason really you should have already
noticed that and wondered what was up.

-Steve

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

SAM Switch - Win2k/XP password-less login Palan (Sep 25)
- <Possible follow-ups>
- RE: SAM Switch - Win2k/XP password-less login Schmehl, Paul L (Sep 25)
  - Re: SAM Switch - Win2k/XP password-less login Cael Abal (Sep 25)
  - Message not available
    - DANGER: potentially broken f-prot updates Mike Tancsa (Sep 25)
    - Re: DANGER: potentially broken f-prot updates Mike Tancsa (Sep 25)
  - Re: SAM Switch - Win2k/XP password-less login Steve Ames (Sep 25)