Re: Security measures...

[Alastair Donlon <nospam [at] netsoc.ucd.ie>]

On Thu, Feb 10, 2000 at 05:55:13PM +0000, José Luis Gómez Dans wrote:
> On Thu, Feb 10, 2000 at 05:11:58PM -0000, Foz wrote:
> > Hi,
> > 	Now I have SuSE 6.3 up and running, the best measure to take 
> > for security. I am now letting other people use my machine 
> > (multiple accounts for regular users and a default guest account for 
> > everyone else), and I don't want to come back with either no linux 
> > left or root passwords changed or anything like that.
> 
> 	Do you have shadow passwords installed? I don't know whether
> SuSE installs that by default, but most other distros do (or they give
> you an option to do so). See if you have /etc/shadow (only to be read by
> the superuser).
> 
> 	
> > Any suggestions? Also if they are in the console, the halt 
> > command would be nice for users to get access to...
> 
> 	Usually, they can just press ctrl+alt+del to reset and then
> switch off.
> 
> > I have the BIOS password set, a decent root password (every two 
> > weeks gets changed) Am I missing anything else? I have seen a 
> 
> 	Make sure the machine doesn't boot off floppies or make sure it
> doesn't boot any other "lesser" operating systems. Also check to see
> whether your master boot record allows you to boot up from a floppy.
> 

If you're going to be giving people physical access to the machine,
then you want to make _absolutely_ sure about the security of the
case. If somebody can get the case off then they can easily compromise
the BIOS password. Once that's gone, the machine is his/hers.

A.D.

---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.