2003 00:23
To: Chris Berry; [EMAIL PROTECTED]
Subject: Re: security scenario
Well , I think that instead of dealing with how many layers one can
install (and taking the time to install them) it is better (IMHO) to
invest the time in making the important layers secure. having more
layers won
t;theog" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, January 31, 2003 9:04 PM
Subject: RE: security scenario
Not being smart or anything but what layers in this scenerio do you see
as the important ones?
How would you tackle this problem?
Trevor Cushen
Sysnet L
Trevor Cushen wrote:
anyway). They then schedule overnight a dd of the system disk to a disk
in their machine over the network (very easy to do) What priviledges do
they need?? I must check this but I have a feeling they will have
access to /dev files and also the /bin files where netcat and d
essage-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: 30 January 2003 07:34
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: RE: security scenario
>
>
> Would be any help if the root partition (and why not other partitions as
> well) is encrypted? O
From: camthompson [mailto:[EMAIL PROTECTED]]
Sent: Saturday, January 25, 2003 12:45 AM
To: [EMAIL PROTECTED]
Subject: security scenario
consider this (I'm trying to make a network more secure) :
A user enters grub upon bootup and hits "e" to edit the Linux boot
procedure and then co
r all because all
environments are different.
Trevor Cushen
Sysnet Ltd
www.sysnet.ie
Tel: +353 1 2983000
Fax: +353 1 2960499
-Original Message-
From: theog [mailto:[EMAIL PROTECTED]]
Sent: 31 January 2003 00:23
To: Chris Berry; [EMAIL PROTECTED]
Subject: Re: security scenario
Well , I
Would be any help if the root partition (and why not other partitions as well) is
encrypted? Ok, in that case the server must not re-boot.
- Pasi
> From: ext theog [mailto:[EMAIL PROTECTED]]
> I agree , in my opinion , if someone got to the machine's
> keyboard , be it
> phisically or
From: "theog" <[EMAIL PROTECTED]>
I agree , in my opinion , if someone got to the machine's keyboard ,
be it phisically or via a remote console device , he can do virtually
anything, in fact, the simplest thing to do (if I wanted to change the
root for a machine I dont have the password for) is to
which would
almost definitely draw some attention - "Hey Jim what're the bolt cutters
for."
Gavin S.
-Original Message-
From: Chris Berry [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 28, 2003 1:40 PM
To: [EMAIL PROTECTED]
Subject: Re: security scenario
>From: Gene
age-
From: Gene Cronk [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 27, 2003 6:57 PM
Cc: [EMAIL PROTECTED]
Subject: Re: security scenario
No CD Rom/Floppy in the server? :-D
Burton M. Strauss III wrote:
> You can't ... well, the grub password may prevent the trivial case, but i
> consider this (I'm trying to make a network more secure) :
> A user enters grub upon bootup and hits "e" to edit the Linux boot
> procedure and then continues to boot into single user mode, and he
> then chagnes the root password to whatever he suits the user who
> did this is eventually t
From: Gene Cronk <[EMAIL PROTECTED]>
No CD Rom/Floppy in the server? :-D
He specified workstation, but to answer your question I have a locking
server case to prevent unauthorized access. In addition we're installing
cypherlocks on the server room door (can't afford a smartcard system right
On Fri, 24 Jan 2003, camthompson wrote:
> consider this (I'm trying to make a network more secure) :
> A user enters grub upon bootup and hits "e" to edit the Linux boot
> procedure and then continues to boot into single user mode, and he then
> chagnes the root password to whatever he suits t
loppy?)
-Burton
-Original Message-
From: camthompson [mailto:[EMAIL PROTECTED]]
Sent: Saturday, January 25, 2003 12:45 AM
To: [EMAIL PROTECTED]
Subject: security scenario
consider this (I'm trying to make a network more secure) :
A user enters grub upon bootup and hits "e" to
, 2003 10:45 PM
To: [EMAIL PROTECTED]
Subject: security scenario
consider this (I'm trying to make a network more secure) :
A user enters grub upon bootup and hits "e" to edit the Linux boot
procedure and then continues to boot into single user mode, and he then
chagnes the r
Well,
Firstly if the environment is supposed to be a secure environment use
the systems bios to lock the keyboard, if that is not possible, require
a bios password at boot. You might also want to use lilo.
On Sat, 2003-01-25 at 01:44, camthompson wrote:
> consider this (I'm trying to mak
Probably the simplest thing to do is to add a password to grub. Edit
/boot/grub/grub.conf and add the line "password=yourpassword". Then don't
forget to set appropriate permissions on that file and probably
/etc/grub.conf so that random people can't just look up the password.
Good Luck,
-Jonatha
17 matches
Mail list logo