Full Disclosure mailing list archives

RE: Rooting Linux with a floppy

From: "Lauro, John" <jlauro () umflint edu>
Date: Fri, 15 Jul 2005 07:04:02 -0400

 6.2?  What is that???  Latest kernel is 2.6...

This is true of the default install of almost every Unix-like OS
including Solaris and, and ever Windows OS including Windows 2003
(although the files you have to alter are different in Windows).  (Of
course with windows you generally need at least a boot CD to get
enough tools to do anything useful).


Note, this is the standard *default* setup...  With Linux (and
others), you can use an encrypted filesystem if you are paranoid at
the cost of a performance hit and the ability to do full autostart
without leaving the key in the machine...  I'm not even sure if there
is a distribution that ships with it as an option for a standard
install, as it's generally better to keep the servers phyisically
secure then the PITA it causes from the performance hit and most of
the time it is good to leave an emergency back-door for the admin who
replaces you.  Even with an encypted filesystem, all it takes is lots
of compute power to break with key, and/or the password for the key.
So with physical access to the server, you could still clone (or
steal) the hard drive, and break it off-site.

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk 
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Sumy
Sent: Thursday, July 14, 2005 8:24 PM
To: SBUGTRAQ
Cc: FULLDISC
Subject: [Full-disclosure] Rooting Linux with a floppy

You have lost your root password on your linux box and now 
you consider formatting everythign to regain control? Your 
admin is a moron that leaves the server available physically 
for everybody? You wanna test your Linux box? Don't worry if 
you have at least a floppy rescue disk under hand,you can 
root it ;-) )

The problem with the new version of Linux since 6.2 is :
http://www.exploitx.com/69/rooting-linux-with-a-floppy/
--
Security Portal:
http://www.exploitx.com
 Forum: http://www.exploitx.com/forum/

Other sites:
http://www.nutritionguides.net
http://www.mesothelioma911.net
http://www.Garticles.net
http://www.WebhostingReview.biz
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Rooting Linux with a floppy Sumy (Jul 15)
- Re: Rooting Linux with a floppy Kurt Seifried (Jul 15)
- Re: Rooting Linux with a floppy sec-list (Jul 15)
  - Re: Rooting Linux with a floppy Dunceor . (Jul 15)
- Re: Rooting Linux with a floppy Dan Becker (Jul 15)
- Re: Rooting Linux with a floppy Rik Bobbaers (Jul 15)
- Re: Rooting Linux with a floppy Harry de Grote (Jul 15)
- Re: Rooting Linux with a floppy als (Jul 16)
- <Possible follow-ups>
- RE: Rooting Linux with a floppy Lauro, John (Jul 15)
  - Re: Rooting Linux with a floppy Nicolas CARTRON (Jul 15)
  - RE: Rooting Linux with a floppy James Longstreet (Jul 15)
    - Re: Rooting Linux with a floppy Ron (Jul 15)
    - RE: Rooting Linux with a floppy Eric Paynter (Jul 15)
  - Re: Rooting Linux with a floppy sec-list (Jul 17)
- RE: Rooting Linux with a floppy Dolan, Patrick (Jul 15)