From owner-freebsd-questions@FreeBSD.ORG Thu Nov 23 19:48:37 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9B00716A4FF for ; Thu, 23 Nov 2006 19:48:37 +0000 (UTC) (envelope-from youshi10@u.washington.edu) Received: from mxout2.cac.washington.edu (mxout2.cac.washington.edu [140.142.33.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id DDD5643DAE for ; Thu, 23 Nov 2006 19:47:18 +0000 (GMT) (envelope-from youshi10@u.washington.edu) Received: from smtp.washington.edu (smtp.washington.edu [140.142.33.9]) by mxout2.cac.washington.edu (8.13.7+UW06.06/8.13.7+UW06.09) with ESMTP id kANJlfv8012690 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 23 Nov 2006 11:47:42 -0800 X-Auth-Received: from [140.142.167.19] (cs331-18.spmodem.washington.edu [140.142.167.19]) (authenticated authid=youshi10) by smtp.washington.edu (8.13.7+UW06.06/8.13.7+UW06.09) with ESMTP id kANJlbcC006884 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT) for ; Thu, 23 Nov 2006 11:47:40 -0800 Mime-Version: 1.0 (Apple Message framework v752.2) In-Reply-To: <200611230757.11410.GregoryC@stcinc.com> References: <2cd0a0da0611211941iae07787q3f433fb2c8ab1f22@mail.gmail.com> <200611230757.11410.GregoryC@stcinc.com> X-Gpgmail-State: !signed Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <5DDF6D7C-4FF7-4857-B07E-4462F3C89F97@u.washington.edu> Content-Transfer-Encoding: 7bit From: Garrett Cooper Date: Thu, 23 Nov 2006 11:47:35 -0800 To: freebsd-questions@freebsd.org X-Mailer: Apple Mail (2.752.2) X-PMX-Version: 5.2.2.285561, Antispam-Engine: 2.5.0.283055, Antispam-Data: 2006.11.23.113435 X-Uwash-Spam: Gauge=IIIIIII, Probability=7%, Report='LEO_OBFU_SUBJ_RE 0.1, __C230066_P2 0, __CP_URI_IN_BODY 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __HAS_MSGID 0, __HAS_X_MAILER 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __SANE_MSGID 0' Subject: Re: Password Security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Nov 2006 19:48:37 -0000 On Nov 23, 2006, at 7:57 AM, Gregory Carvalho wrote: > You might consider a safe with A/C from Black Box. Expensive, but > an option > for you. > > On Tuesday 21 November 2006 19:41, VeeJay wrote: >> Hi >> >> I need to secure my data and server. Any advice will be highly >> appreciated. >> >> I am going to place my FreeBSD server at a shared place? >> >> I am just afraid that any unauthorized person might boot machine >> in single >> user mode and steal the data? >> How can I make my Server secure that if if boots in single user >> mode, it >> still demands the password and without password one cannot do >> anything? >> or make it possible that booting in Single user mode, doesn't >> provide any >> shell? >> >> Thanks in advance >> >> -- >> >> BR / vj >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org" Being able to Kensington lock the machine so that it can't be opened (thinking of Dells), you can prevent physical access to a large degree (only have to worry about people that can screw up the lock), and prevent people from taking the drive OR resetting the CMOS jumper, giving people access to the BIOS without a password (one thing that many people haven't mentioned about security so far). -Garrett