On Sun, Sep 10, 2000 at 10:26:23AM -0400, Jonathan D. Proulx wrote:
> If they are trying to get root an have physical access to the box for
> get about it, one floppy will get me root on any x86 Linux box I have
> physial access to.
There are a few ways to physically secure a box, that should work on almost any
Intel-architecture system:
* Disable booting from anything but the hard disk in the CMOS/BIOS setup.
Put a password for the setup program, not the whole computer.
1) Lock the shell/cover on your computer. There's sometimes a tab that's
attached to a computer's chassis that comes through a slot in the
metal shell, in the back of the computer. This tab has a hole in it.
You could put a small pad lock on it to keep someone from being able
to remove the shell and clear the CMOS setup (or just the password if
your motherboard permits). AFAIK, the only way to get around that is
to pick or cut the lock, or cut open the shell somehow.
2) Some systems have a button on the back of the chassis that's usually
pressed in when the shell is on. If it's removed an alarm could be
sent over a network, possibly to a secured server that could page you
or something. Also have yourself be paged if the network connection
from the computer is lost from a cut/removed cable or computer power
off.
* If you can't do either of these, you may want to remove the floppy and/or
CD-ROM drives. Of course, if your family is REALLY evil they could
remove the hard disk and put it in a computer they have full control
over. =)
Of course, these methods are for extreme cases, and I would imagine your family
wouldn't be so motivated to hack* your box that you would need to secure it
like I suggested.
And to Jon, if you can bypass the first method of security without damaging the
lock, or just simply hacking* the box in a more conventional way, while only
using a floppy disk, please share some insight. =)
--
J.P. Larocque, known online as piranha
[EMAIL PROTECTED]
Fidonet: [EMAIL PROTECTED]:346/6 (The Garage, 509-326-4609)
Obscenity is whatever gives the Judge an erection.
* What I call hacking someone such as Eric S. Raymond would call cracking, so
shoot me.
