RE: Is there a kernel patch to stop single user mode?

From: Ranjeet Shetye (ranjeet.shetye2_at_zultys.com)
Date: 09/24/03

  • Next message: Ansgar -59cobalt- Wiechers: "Re: protect MS Windows 95/98/Me"
    To: security-basics@securityfocus.com
    Date: 24 Sep 2003 11:01:21 -0700
    
    

    On Wed, 2003-09-24 at 08:41, Tiago de Oliveira Quadra wrote:
    > And disable USB, SERIAL and LPT ports on the BIOS?
    > And put a password in BIOS?
    > And lock the server on a secure RACK?
    > What else?
    >
    > As Dave Gillett said:
    > - "... is a matter of physical security, not OS security."
    >
    > -----Original Message-----
    > From: Mike MacNeill [mailto:mmacneil@crosscountry.com]
    > Sent: sexta-feira, 19 de setembro de 2003 19:10
    > To: Carlos Eduardo Pinheiro; John Hebert
    > Cc: security-basics@securityfocus.com
    > Subject: Re: Is there a kernel patch to stop single user mode?
    >
    > Don't forget to remove the floppy or cdrom drive as well. Both could be
    > used to boot from and then mount the drive, edit lilo.conf, rmeove the
    > password etc etc...
    >
    > > From: "Carlos Eduardo Pinheiro" <cabeca@gmx.net>
    > > Date: Fri, 19 Sep 2003 18:12:12 -0300
    > > To: "John Hebert" <johnhebert@it-group.com>
    > > Cc: <security-basics@securityfocus.com>
    > > Subject: Re: Is there a kernel patch to stop single user mode?
    > >
    > > Set up a password on lilo.conf and use the option "restricted", it
    > will ask
    > > for the password just if a kernel parameter was specified at the
    > command
    > > line. i think it will solve your problem no?
    > >
    > > Regards,
    > >
    > > Carlos Eduardo Pinheiro - cabeca@gmx.net - ICQ#: 134439332
    > >
    > > ----- Original Message -----
    > > From: "John Hebert" <johnhebert@it-group.com>
    > > To: <security-basics@securityfocus.com>
    > > Cc: <general@brlug.net>
    > > Sent: Friday, September 19, 2003 1:13 PM
    > > Subject: Is there a kernel patch to stop single user mode?
    > >
    > >
    > >> Is there a way to stop someone with physical access to the box from
    > > booting
    > >> into single user mode and changing the root password? I'm not
    > interested
    > > in
    > >> solutions that require setting a boot or poweron password in the
    > BIOS. I'd
    > >> like something that could be done in the Linux kernel, so as to apply
    > to
    > >> multiple platforms.
    > >>
    > >> Thanks,
    > >> John Hebert
    > >>
    > >>
    > ------------------------------------------------------------------------
    > --
    > > -
    > >> Captus Networks
    > >> Are you prepared for the next Sobig & Blaster?
    > >> - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
    > >> - Precisely Define and Implement Network Security
    > >> - Automatically Control P2P, IM and Spam Traffic
    > >> FIND OUT NOW - FREE Vulnerability Assessment Toolkit
    > >> http://www.captusnetworks.com/ads/42.htm
    > >>
    > ------------------------------------------------------------------------
    > --
    > > --
    > >>
    > >>
    > >
    > >
    > >
    > >
    > ------------------------------------------------------------------------
    > ---
    > >
    > ------------------------------------------------------------------------
    > ----
    > >
    > >
    >
    >
    > ------------------------------------------------------------------------
    > ---
    > ------------------------------------------------------------------------
    > ----
    >
    >
    > ---------------------------------------------------------------------------
    > ----------------------------------------------------------------------------

    remove module support from kernel - i know its a pain to remove module
    support and give up hotplug,initrd etc.

    secure, self-contained, convenient - pick 2 out of 3.

    -- 
    Ranjeet Shetye
    Senior Software Engineer
    Zultys Technologies
    Ranjeet dot Shetye2 at Zultys dot com
    http://www.zultys.com/
     
    The views, opinions, and judgements expressed in this message are solely
    those of the author. The message contents have not been reviewed or
    approved by Zultys.
    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------
    

  • Next message: Ansgar -59cobalt- Wiechers: "Re: protect MS Windows 95/98/Me"

    Relevant Pages

    • Re: Pen Test mistake
      ... Ranjeet dot Shetye2 at Zultys dot com ... Modeled after the famous Black Hat event in ... Symanetc is the Diamond sponsor. ...
      (Pen-Test)
    • [BUG] sleep in invalid context #2
      ... Ranjeet dot Shetye2 at Zultys dot com ... The views, opinions, and judgements expressed in this message are solely those of the author. ... To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ ...
      (Linux-Kernel)
    • [BUG] linux-2.6.0-test8 : sleep in invalid context #1
      ... Ranjeet dot Shetye2 at Zultys dot com ... The views, opinions, and judgements expressed in this message are solely ... send the line "unsubscribe linux-kernel" in ...
      (Linux-Kernel)
    • Re: TCP Header manipulation of the protocol field
      ... > modify IP, ICMP, TCP, UDP packets. ... Also, the Nemesis project. ... Ranjeet dot Shetye2 at Zultys dot com ...
      (Pen-Test)