Fwd: Single user mode
Matt Dawson
matt at chronos.org.uk
Tue May 15 11:24:03 UTC 2012
On Tuesday 15 May 2012 10:53:16 Vahid Shokouhi wrote:
> note that running command(s) in this mode result in temporary
> changes only in THIS boot; which means you can remove/undo changes
> by rebooting your machine.
Utter tosh. After (re)mounting you have as much access to the local
filesystems as you would from a root prompt and such configuration
changes are permanent.
Rule 1 of security applies whatever OS you're running: If someone else
can access your system then it's not your system any more. Physical
security can be as important as electronic. If you're worried about
local opportunists messing about with your systems:
1) Password protect the boot in the NVRAM so that even a power cycle/
hard reset disables opportunistic access;
2) Disable the three fingered salute reboot in syscons (options
SC_DISABLE_REBOOT in the kernconf);
3) Set the console as insecure;
4) Disable dropping to loader in the beastie menu;
5) Lock the damned door.
None of this is foolproof: 1 can be overridden by clearing the NVRAM
with the good old Mk1 shorting jumper, 2 is defeated by a hard reset,
3/4 can be defeated by using a live system that can read UFS (frenzy
spings to mind) and 5 with a prybar. If you need that level of
security, geli full FS encryption is your only option. If someone
*really* wants in and has access to the machine you'll have a hard
time keeping him out.
You may also want "Beware of the leopard" on the machine room door
along with a hungry rottweiler (if you're concerned with accuracy of
signage, paint him) and a few bored gorillas in security suits.
Alternatively, disguise the server as a crippled old 386 with a couple
of 7segs on the front panel displaying "25" and the turbo LED on in a
dusty corner with an old EPROM burner on the desk and a few 2732s
scattered about - nobody is going to pay that dinosaur any attention
whatsoever.
--
Matt Dawson
GW0VNR
MTD15-RIPE
More information about the freebsd-security
mailing list