Re: Hardware advice: seeking echoes of running Linux-PC clusters
On Tue, 30 Apr 1996, Neil Turton wrote:
> Lukas Nellen <lukas@teorica0.ifisicacu.unam.mx> wrote:
> > >From the point of view of security, do you really need a diskless
> > system? If you set a bios password, set the bios to boot only from C
> > and make sure that a password is required to enter single user mode,
> > wouldn't that be just as secure? Or is there a loophole which I
> > missed (not having tried this type of setup)?
>
There are programs available on the net which will cause a BIOS checksum
error. At bootup this error will allow the intruder into the BIOS setup
without a password (BIOS defaults are taken).
The intruder can then boot off of a floppy and access the machine regardless
of any OS security. NT, which is heralded as "C2 secure", and its NTFS
file systems are just as susceptible as any Linux or DOS/Windows box.
If you can't secure the machine, you can't secure the system. You can
still secure information through encryption however.
Our own Senator Leahy (D-VT) has recently proposed that almost everything
be encrypted; S.1587 is sort of an encryption "Bill of Rights." Maybe
someday (soon?) we will be able to put all this export/import munitions
ban garbage behind us.
_____________________________________________________________________
Don Gaffney (http://www.emba.uvm.edu/~gaffney)
Engineering, Mathematics & Business Administration Computer Facility
University of Vermont - 237 Votey Building - Burlington, VT 05405
(802) 656-8490 - Fax: (802) 656-8802
Reply to: