Password Security

Bill Moran wmoran at collaborativefusion.com
Thu Nov 23 14:47:34 PST 2006 

On Thu, 23 Nov 2006 23:08:18 +0100
VeeJay <maanjee at gmail.com> wrote:

> On 11/23/06, Bill Moran <wmoran at collaborativefusion.com> wrote:
> >
> > On Thu, 23 Nov 2006 10:45:19 +0100
> > VeeJay <maanjee at gmail.com> wrote:
> >
> > > On 11/23/06, Olivier Nicole <on at cs.ait.ac.th> wrote:
> > > >
> > > > > And how can one into the System by booting from a CD if it still
> > > > > requires the Password even in Single User mode?
> > > >
> > > > Booting from CD, floppy or hard disk is slected at BIOS level.
> > > >
> > > > Booting in single or multi user mode is at Operating system level.
> > > >
> > > > Booting is in the following order:
> > > >
> > > > 1) BIOS select what medium to boot from
> > > >
> > > > 2) the operating system boot from the selected medium
> > > >
> > > > So when it comes to the Single user password, itis already at stage 2)
> > > > it has passed the stage 1 (booting from hard disk ofr CD) without
> > > > password.
> > > >
> > > > Olivier
> > > >
> > >
> > > So, it means, that I should take the following steps
> > >
> > > 1. Password on BIOS
> > > 2. Change the order of booting i.e. When system is installed and working
> > > once, then I just the change the Booting FIRST from HardDisk.
> > > 3. Put the password on Single User mode.
> > >
> > > So, what more? Do you people think that I have got somehow security
> > barrier
> > > for unauthorized access?
> >
> > Physically _LOCK_ the server up.  Anyone who can get physical access to
> > the
> > unit can remove the drive and access it from another machine, bypassing
> > all
> > this stuff.
> >
> > Another option is to encrypt the hard drives, but this will require you
> > (or
> > someone else) to enter the password for the encrypted drives every time
> > the
> > system boots up, so it's generally a maintenance nightmare.
> >
> 
> 
> Well, I am not an expert on FreeBSD. And thats why I don't know that how it
> works that
> 
> If 4 Disks of same size for example 146GB each and they are configured with
> RAID 10, and Root, SWAP, /usr, /var File systems have been created on them.
> And if one takes one or two harddisks and how come he would be able to read
> the data when data is splited on 4 disks?

Your logic escapes me.  If someone were to physically break in to the machine
to steal your data, why would they only take some of the drives?

More information about the freebsd-questions mailing list