----- Original Message ----- From: "Jeff Gutierrez" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, July 13, 2002 9:11 PM Subject: Re: [plug] root user id.
> 1. Use LILO's password-secured single mode access > 2. Disable floppy booting > 3. Password-protect BIOS setup access > 4. Install a PC case lock hehehe jeff, nice story there but allow me to act as their baby brother to hack tatay's well secured pc. :-> for number 1 and 2.... the trick there is to remove the hard disk and put it on another pc and mount it... for number 3, open the pc and short circuit or jumper the cmos battery.. for number 4.. go to nanay pekta and cry that tatay lock the pc hehehehe > or > 1. Always carry the HDD with him when he goes away? hehehe that is another option.. to be more general, any removable disk.... but still nanay pekta will start to doubt why he did that :-> ok seriously, for my suggestion of number 1 and 2, this is the general and simple rule to change password for *any* unix operating system. for number 3, that is the simple way to do it... but let me tell you a story during my college days where the first bios released with a cmos password feature in fame during that time... our lab administrator is strict, showy and confident that no students can play with the cmos setup (if you open the pc case, you are subject to disciplinary action).. as you know students are curious and wanted to know what is cmos setup is all about... to his surprise i changed it without opening the pc case.. hehehehe.. what i did is that i trace the bios thru a debugger (d86 is my favorite during that time because debug.com and turbo debugger are not good for bios tracing) and learn how the bios update, read and write the cmos password... i wrote an assembly program to change or clear the cmos password.... the funny thing is that, i changed all the pc's cmos password into "ewanko" (in english "i dont know") and spread to all students that you already have the freedom to learn what is cmos setup is all about by using that password.. when our lab administrator saw one student is playing with the cmos setup.. that student suddenly press the reset button due to fear with our lab admin.. then suddenly the lab admin try to access the cmos setup with his secretly known password and cant pass thru... he got mad and try to ask that student what is the new cmos password? that student said "ewan ko sir" (i dont know sir")... the lab admin ask so many times until he gave an ultimatum that he will be discharge from the school if he dont tell him for the last time.... but still that student said "ang kulit mo sir... ewan ko NGA SIR!!!" the lab admin noticed that all the students in the laboratory are laughing with him arguing with that student.. hehehehe ok enough with the funny story.... actually this is the pitfall of any unix OS that is very vulnerable once you have the physical access to it... unlike with novell, you have to find another pc to administer it... novell is the best well secured OS compare to other OS that i know of... so what happen if you forgot the admin password of novell? mostly you are in big trouble but of course there is a work around and it requires extra talent to do it.. there is a special and undocumented code that you can blank novell's admin password right at the server's console :-> fooler. _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
