Password Security

[Jerry McAllister]

On Wed, Nov 22, 2006 at 04:41:37AM +0100, VeeJay wrote:

> Hi
> 
> I need to secure my data and server. Any advice will be highly appreciated.
> 
> I am going to place my FreeBSD server at a shared place?
> 
> I am just afraid that any unauthorized person might boot machine in single
> user mode and steal the data?
> How can I make my Server secure that if if boots in single user mode, it
> still demands the password and without password one cannot do anything?
> or make it possible that booting in Single user mode, doesn't provide any
> shell?

Lock it in a box.   Anyone who can put their hands physically can
get in to the machine with a little tinkering even if you disable
lots of software.

I think you can get rid of the single user option in the boot,
but anyone with a CD can defeat that if they want to.  It would
make things harder for yourself in managing the system, but it
would slow a person down from casual interference.

Also, many machines have BIOS level boot passwords that can be turned 
on.  Using that would slow a person down, but be annoying for youself,
especially in times such as power failures - the system would not come
back up automatically without someone entering the BIOS password.

Plus, if a person is determined enough, they can defeat that as well
by removing the battery backup for the MB or the flash memory.   But, 
it would stop casual tinkering.   

////jerry

> 
> Thanks in advance
> 
> --
> 
> BR / vj
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"