You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2004-10-17 15:16:14
- z4ziggy
- Member
- From: Israel
- Registered: 2004-03-29
- Posts: 573
- Website
local security issues (and doubts)...
Hi ppl,
as a new (1 year) linux user, i follow the usual security guidelines - ie, no root login, only wheel users, and for all system activities i use su/sudo. now, even with all those security measures the local station can still be very easily attacked by using a live-cd and mount my drives, therefor no real security achieved, even with all the normal security guidelines.
so, i would like to ask - isn't it best to secure the pc using the bios password or encrypted filesystem (other ideas will be greatly appreciated) and then allow root login via local only? i see no security holes in this, on the contrary - i think its more secure since i can disable the root user and only allow local root logins via pam. but im just a newbie... your thoughts please?
tnx in advance,
z4ziggy
Offline
#2 2004-10-17 16:51:15
- Mr Green
- Forum Fellow
- From: U.K.
- Registered: 2003-12-21
- Posts: 5,914
- Website
Re: local security issues (and doubts)...
Mr Green
Offline
#3 2004-10-17 17:03:01
- z4ziggy
- Member
- From: Israel
- Registered: 2004-03-29
- Posts: 573
- Website
Re: local security issues (and doubts)...
tnx for the quick reply.
can i thus deduce that disabling root and allowing only local root logins via pam (and since root is disabled - it will be passwordless 
) is not much for a security hole comparing to current situation?
tnx in advance,
z4ziggy
Offline
#4 2004-10-17 17:19:38
- Kalidor
- Member
- Registered: 2004-06-18
- Posts: 80
Re: local security issues (and doubts)...
now, even with all those security measures the local station can still be very easily attacked by using a live-cd and mount my drives
... you forgot baseball bats. 
Offline
#5 2004-10-17 18:30:20
- cactus
- Taco Eater
- From: t͈̫̹ͨa͖͕͎̱͈ͨ͆ć̥̖̝o̫̫̼s͈̭̱̞͍̃!̰
- Registered: 2004-05-25
- Posts: 4,622
- Website
Re: local security issues (and doubts)...
generally, theres is something to be said for physical security. Even if someone can't get the data off your box or mess with it, they could always just pull the ethernet cable out. Sometimes that can be just as bad...
"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍
Offline
Pages: 1