You are not logged in.

#1 2004-10-17 15:16:14

z4ziggy
Member
From: Israel
Registered: 2004-03-29
Posts: 573
Website

local security issues (and doubts)...

Hi ppl,

as a new (1 year) linux user, i follow the usual security guidelines - ie, no root login, only wheel users, and for all system activities i use su/sudo. now, even with all those security measures the local station can still be very easily attacked by using a live-cd and mount my drives, therefor no real security achieved, even with all the normal security guidelines.

so, i would like to ask - isn't it best to secure the pc using the bios password or encrypted filesystem (other ideas will be greatly appreciated) and then allow root login via local only? i see no security holes in this, on the contrary - i think its more secure since i can disable the root user and only allow local root logins via pam. but im just a newbie... your thoughts please?

tnx in advance,
z4ziggy

Offline

#2 2004-10-17 16:51:15

Mr Green
Forum Fellow
From: U.K.
Registered: 2003-12-21
Posts: 5,914
Website

Re: local security issues (and doubts)...


Mr Green

Offline

#3 2004-10-17 17:03:01

z4ziggy
Member
From: Israel
Registered: 2004-03-29
Posts: 573
Website

Re: local security issues (and doubts)...

tnx for the quick reply.

can i thus deduce that disabling root and allowing only local root logins via pam (and since root is disabled - it will be passwordless smile) is not much for a security hole comparing to current situation?

tnx in advance,
z4ziggy

Offline

#4 2004-10-17 17:19:38

Kalidor
Member
Registered: 2004-06-18
Posts: 80

Re: local security issues (and doubts)...

z4ziggy wrote:

now, even with all those security measures the local station can still be very easily attacked by using a live-cd and mount my drives

... you forgot baseball bats.  wink

Offline

#5 2004-10-17 18:30:20

cactus
Taco Eater
From: t͈̫̹ͨa͖͕͎̱͈ͨ͆ć̥̖̝o̫̫̼s͈̭̱̞͍̃!̰
Registered: 2004-05-25
Posts: 4,622
Website

Re: local security issues (and doubts)...

generally, theres is something to be said for physical security. Even if someone can't get the data off your box or mess with it, they could always just pull the ethernet cable out. Sometimes that can be just as bad...


"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍

Offline

Board footer

Powered by FluxBB