|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
Stop making mediocre tutorials.The best tutorials are video! Camtasia Studio makes it easy to create engaging, buzz-building screen videos at any size, in any popular format. Download the free trial!
|
|
#1
July 31st, 2002, 09:26 PM
|
||||
|
||||
|
Security tips here!
I have a good security tip if anyone doesnt already know it:
If someone reboots your machine they can type linux 1 (single user) and get root access to your machine, to over come this edit the /etc/inttab file and instruct the system to run the sulogin command by entering the following su:s:wait:/sbin/sulogin this however still lets the user boot the system but not get anywhere, LILO can also be changed to prevent this, if paramaters are given to LILO, it can instruct to ask for a password, put the following lines in image=/boot/vmlinux .......... .......... restricted password=Mypassword other=/dev/fd0 ............. ............ your lilo file obviously needs to be nonreadable then to other users, restricted keyword can be placed in other places which also prevents someone comming along with a boot disk and getting access that way. Is there any hacking counter measures that can be takin for these tips? if so please post here and let me know. Likewise, if you have any other security tips, please post here and educate 
__________________
microsofts butterfly is their way off telling u their systems have a **** load of buggs Advocating Linux Guide Lesbian Linux Great & Practical Computer Books like the links?
|
|
#2
August 1st, 2002, 04:40 PM
|
||||
|
||||
|
sorry, but i think this is the wrong place to discuss this. this forum is about programming, not cracking.
there is ways to circumvent anything. the only secure machine is one that is powered off and inside a safe. even then there is ways to get in... my linux distro still asks for the root password if i boot into runlevel 1 or S. but the actual hack you refer to is: lilo: linux init=/bin/sh which gives you root access without password. but there is 1000s others. to make a secure system, you need a lot more knowledge about security... Quote:
wrong. a bootdisk works independent of your haddisk setup. you need to setup boot device to be ONLY harddisk and password-protect the bios to prevent bootdisks. even better, encrypt the whole harddisk. bet even then i can get in anyway? and: did you know that there is standard-passwords for nearly every bios? did you know that you only need a few 100 tries to hack any bios password since they donīt store the complete password but a two-byte hash? take a hardware that simulates key-presses to test 1000s in a few minutes, eg. connect the keyboard port to a notebookīs com/lpt port. Quote:
obviously no system configuration file should. for further reference, visit: www.cert.org and get onto your linux distributorīs security mailing list. and also on redhatīs and suseīs. and i wonīt post any other urls. please donīt ask. greetings, M
__________________
-- Manuel Hirsch - Linux, FreeBSD, programming, administration articles, tutorials and more.
|
|
#3
August 1st, 2002, 05:16 PM
|
||||
|
||||
|
is this not the linux forum? there is others forums here for programming and algorithims, whats the harm in trying to find out how secure a machine against crackers?
|
|
#4
August 2nd, 2002, 12:24 AM
|
|||
|
|||
|
i wanted to express that there is probably few security experts here, so you better ask in a security mailing list or board.
there is a several 100 security tips on the url i told you and these guys are supposed to be among the best experts about security. if you have a specific question, no problem. i just donīt want you (and the others here) to get a false impression about security. this isnīt done with a few tips that we can put here over the next weeks... security is a full-time job and has to be done completely or is of no use at all. one single hole you leave open and over short time, somebody will find it. which distro are you using that has such a bad pre-configuration (no password in single user mode)?
|
|
#5
August 2nd, 2002, 12:51 AM
|
||||
|
||||
|
cough cough, mandrake 7
 , i was just wondering through the files and saw a badly configured lilo and inttab, i checked out your link, very interesting - thank you
|
|
#6
August 2nd, 2002, 05:09 AM
|
||||
|
||||
|
At the end of the day, if someone has physical access to your box, you're screwed anyway
 They could just take the hard drive out, mount it on a different box, and they've got all your data. Likewise they could use a boot floppy / cd to boot a system up then remove your protection by mounting the hard drive to a temporary place. Therefore the best security tip is to put a BIOS password on the machine, lock the case if possible, and hide it away somewhere, and use a different box to get remote access (assuming its a server we're talking about).
|
|
#7
August 3rd, 2002, 11:49 AM
|
|||
|
|||
|
an interesting thread about security in php:
http://forums.devshed.com/showthread.php?threadid=20525 you see, security has many many more aspects than only OS security
|
|
| Viewing: Dev Shed Forums > Operating Systems > Linux Help > Security tips here! |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
