Re: Any ways to software lock a Linux PC? An additional Complexity

From: Daniel Franklin (daniel_at_widrow.snrc.uow.edu.au)
Date: 11/07/03

• Next message: Mike: "Interesting problem with fileio and stdin"
• Previous message: Neil Horman: "Re: Problem in ptrace()/wait() system call"
• In reply to: Norm Dresner: "Re: Any ways to software lock a Linux PC? An additional Complexity"
• Next in thread: Grant Edwards: "Re: Any ways to software lock a Linux PC?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Date: 7 Nov 2003 09:52:10 +1000

Norm Dresner wrote:
>
> In addition to worrying about physical access to the PC running Linux, there
> are two other computers in the network, both SGI workstations running IRIX,
> and any user could rlogin from these to the Linux PC.

Why the hell do you have these services installed on your system if you
don't want people to be able to use them?? Stop reading the news and edit
/etc/inetd.conf and REMOVE that and any other service you don't need/want
RIGHT NOW (then restart inetd - killall -HUP inetd should do it). On an
untrusted network you should never run rlogind, telnetd or ftpd (at least
you should only allow anonymous FTP if you need it, don't let users ftp to
their own accounts). All of those services send passwords around the network
in plain text. Install ssh if you need remote access, that encrypts
everything.

If users have physical access to your server (if they can touch it or touch
something plugged into it) then you're already insecure...

- Daniel

-- 
*************************************************************************
*    Daniel Franklin - Lecturer in Computer Engineering
*    University of Wollongong, NSW, Australia  *  d.franklin at ieee.org
*************************************************************************

---

• Next message: Mike: "Interesting problem with fileio and stdin"
• Previous message: Neil Horman: "Re: Problem in ptrace()/wait() system call"
• In reply to: Norm Dresner: "Re: Any ways to software lock a Linux PC? An additional Complexity"
• Next in thread: Grant Edwards: "Re: Any ways to software lock a Linux PC?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Relevant Pages Re: Any ways to software lock a Linux PC? An additional Complexity ... > In addition to worrying about physical access to the PC running Linux, ... > are two other computers in the network, both SGI workstations running IRIX, ... If users have physical access to your server (if they can touch it or touch ... (comp.os.linux.development.apps) Re: Hard Sci-fi? ... only truly secure computer is one which is disconnected from the ... Yes, but that includes physical access, social engineering, and all ... computers. ... over by remote exploits via network data. ... (rec.arts.sf.science) Re: The Hard Problem for Behaviorists ... correct low level abstractions to define the operation of the brain with - ... Do you not know how computers work? ... you can think of this type of network like you ... when you drop a marble in hole X1, ... (sci.cognitive) Re: {workgroup}"...is not accessible" after removing NWLINK ... I generally reboot the machine whenever I make network ... >problem is a browse service that won?t run on the XP machine using the TCP/IP ... >?The browser has forced an election on network ... >> computer, and one, or preferably two, of the Windows 98 computers. ... (microsoft.public.windowsxp.network_web) Re: Help with 070-217 ... The network contains 25,000 computers. ... > single Windows 2000 domain named research.contoso.com. ... > Server computers that are configured as domain controllers. ... (microsoft.public.cert.exam.mcse)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

linux.derkeiler.com  > Newsgroups  > comp.os.linux.development.system  > 2003-11