Here are some possibilities: Set up a BIOS password. Remove the keyboard and monitor from the server. Lock the server closet.
If a user has physical access to the machine, he (or she) can probably make it do anything desired by that user. If this is a workstation and users must have physical access: Require all files be saved on a server Image the drive whenever authorized changes are made. If this happens again, reimage the drive from backup. I hope this is helpful. Christian Hampson, CISSP -----Original Message----- From: camthompson [mailto:[EMAIL PROTECTED]] Sent: Friday, January 24, 2003 10:45 PM To: [EMAIL PROTECTED] Subject: security scenario consider this (I'm trying to make a network more secure) : A user enters grub upon bootup and hits "e" to edit the Linux boot procedure and then continues to boot into single user mode, and he then chagnes the root password to whatever he suits.... the user who did this is eventually tracked down and taken care of. Now, how would I prevent this from happening in future instances?
