X-RDate: Thu, 16 Apr 1998 12:28:39 +0600 (YEKST)
X-UIDL: 35317d3400000032
Date: Tue, 14 Apr 1998 12:20:08 -0700 (PDT)
From: sinster@darkwater.com
To: linux-security@redhat.com
Subject: [linux-security] Re: New hack against BSD, Linux is _mostly_ safe from it.
Cc: sinster@darkwater.com
A number of people (4) have replied to me saying that this hack I've
mentioned isn't particularly interesting because physical access allows
an attacker to use a boot floppy.
But that's entirely missing the point: this attack requires no boot
medium at all. In fact, I specifically mentioned that in my original
message. This minor detail becomes important because there are a large
number of machines around the world where physical access to the console
is trivial for the general public, but access to the machine itself for
purposes of disassembly or insterting a floppy is difficult or impossible.
Two classic examples of such machines are internet cafes (where the machine
is padlocked into a steel enclosure that provides access only to the power,
video, and keyboard cables), or in university computer labs (where the
machine is accessible, but a watchful attendent is keeping an eye on the
relatively small number of machines present).
While none of these machines are likely to contain information that is
sufficiently interesting for an attacker, root access to these types of
machines is useful in itself because it provides a good way to stop
any audit trail of an attack.
(As Ted T'so discovered while trying to email me from MIT, I put a lot
of value in the accuracy and usefulness of my system logs).
[mod: Lets put this (definitively NOT NEW) issue to rest ok? Summary:
It is hard, if not impossible to secure a machine that you allow
physical access to. Make sure you set passwords on the BIOS and LILO
if your adversaries are not opening the box, or if you've locked the
box. BIOS passwords are most likely uneffective, as many BIOS
manufacturers have provided for backdoors. -- REW]
--
Jon Paul Nollmann ne' Darren Senn sinster@darkwater.com
Unsolicited commercial email will be archived at $1/byte/day.
"I believe there are more instances of the abridgement of the freedom of the
people by gradual and silent encroachment of those in power than by violent
and sudden usurpations." James Madison, speech, Virginia Convention, 1788
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null
