Re: securing system after giving away root password
From: Barton L. Phillips (barton_at_applitec.com)
Date: 09/20/05
- Next message: Barton L. Phillips: "Re: securing system after giving away root password"
- Previous message: Barton L. Phillips: "Re: Use iptables to block all non-US ssh traffic"
- In reply to: Unruh: "Re: securing system after giving away root password"
- Next in thread: Unruh: "Re: securing system after giving away root password"
- Reply: Unruh: "Re: securing system after giving away root password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 20 Sep 2005 19:00:33 GMT
Unruh wrote:
> "Tuncay Sari" <no@spam.net> writes:
>
>
>>Hello,
>
>
>>I signed an agreement with a provider in Germany for server housing. After
>>sending my Fedora Core 4 system to them, they claim now that they expected a
>>tower instead of a 2HE server. And thus they need to change the IP address
>>they say...(as a matter of fact I never told them it would be a tower, I
>>just oversaw to check the option in the agreement...they ought to have asked
>>me if I was going to send a tower or a 2HE machine...)
>
>
>>Problem is following: I had to tell them my root password to have some
>>network settings changed. After those settings I'll be able to connect via
>>ssh.
>
>
>>How can I check that they ONLY changed some network files? How can I know
>>they didn't install any software infringing linux security? Or copied my
>>programs?
>
>
> You cannot. You decided to give them the root password. That gave them
> complete and total control over your machine. You have no guarentee of
> anything anymore.
>
> Log files mean nothing. They could have changed any log files.
>
>
>
>>Of course I'll have a detailed look at any entries in /var/log. But what
>>else can I do?
>
>
> Bring the computer back and reinstall everything after having wiped the
> whole disk. Also restore all non-os stuff from a good backup.
>
> Note that this is really a bit useless anyway, since they have physical
> access to the device. They can thus remove your hard disk, put it onto
> another machine and install all the malware they want onto the disk as root
> on that other machine. They then reinstall the disk into your machine.
>
> Exactly why did you decide to give away control over your own machine?
>
>
>>thank in advance,
>
>
>>T. Sari
>
>
>
It really doesn't matter if you gave them your root password or not. As
long as they have physical control and access to your computer they can
always run something like Knoppix or any live CD and do anything they
want on your machine. They can move a set of their own passwd, shadow et
all to your disk's /etc and then just reboot your system.
The only possible security you can have when someone has physical
control of your computer is encrypted files, and even that is limited.
If you don't trust your provider you shouldn't use them, or if you do
use them you shouldn't have information on the machine that needs real
security.
-- ---------------- Barton L. Phillips Applied Technology Resources, Inc. Tel: (818)652-9850 Web: http://www.applitec.com
- Next message: Barton L. Phillips: "Re: securing system after giving away root password"
- Previous message: Barton L. Phillips: "Re: Use iptables to block all non-US ssh traffic"
- In reply to: Unruh: "Re: securing system after giving away root password"
- Next in thread: Unruh: "Re: securing system after giving away root password"
- Reply: Unruh: "Re: securing system after giving away root password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
