[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] cobalt kb - resetting root/admin password
- Subject: Re: [cobalt-security] cobalt kb - resetting root/admin password
- From: Paul Gillingwater <paul@xxxxxxxxxxx>
- Date: Wed, 29 Aug 2001 09:37:56 +0200 (CEST)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Quoting Sean Slavin <sslavin@xxxxxxxxxxx>:
> i got on the knowledge base this morning and searched for 'push'. below
> is the article that came back...
[verious things involving a paperclip snipped]
> to me, this doesn't seem like the best answer to put in the knowledge.
> does it concern anyone else as much as it does me? especially those of
> you that are running remote servers. i'm going to have several remote
> qubes running that shouldn't be mucked around with. if it's this easy to
> get into the box...
It is well-known to most people in security that if you can get physical
access to a box, all bets are off. It's easy to open a box, remove disk
drives, change the bios to boot from a CD or floppy, etc. There are ways
to minimise these risks (physical locks, BIOS passwords, etc.) but all it
does is slows down a determined attacker. Even encrypting your filesystem
is merely an inconvenience, as the keys must be nearby for fast recovery
of a production system.
Just find a hosting service you can trust, and work on limiting the
other areas of potential damage, from local or remote attackers.
(Note it's relatively easy to do the same thing to Cisco routers too,
if you can get physical access.)
*********************************
Paul Gillingwater
Managing Director
CSO Lanifex Unternehmensberatung
& Softwareentwicklung G.m.b.H.
NEW BUSINESS CONCEPTS
E-mail: paul@xxxxxxxxxxx
Teleph: +43(1)2198222-0
Fax: +43(1)2198222-11
Mobile: +43(699)1922 3085
Webhome: http://www.lanifex.com/
Address: Praterstrasse 60/1/2
A-1020 Vienna, Austria
*********************************