From owner-freebsd-questions@FreeBSD.ORG Thu Nov 23 08:56:25 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 102AE16A47E for ; Thu, 23 Nov 2006 08:56:25 +0000 (UTC) (envelope-from maanjee@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.183]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8331843D68 for ; Thu, 23 Nov 2006 08:55:50 +0000 (GMT) (envelope-from maanjee@gmail.com) Received: by py-out-1112.google.com with SMTP id f31so261862pyh for ; Thu, 23 Nov 2006 00:56:23 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=HgEHwgwu35OxYrkGS1WaV2qQ/Kx5OMQ98XCilvNprcWwZKGEB/lcmeAWKxK3/9w3SBUDa97GSlM+Y3m1JTyzTottjKsgobMJNwBT97URaR0UIsAGK7YnYC9UlpdUNPVm2333XemZVfmt8nDWNg9Njqfzj/AUNUArIm26QVqKguE= Received: by 10.35.69.11 with SMTP id w11mr2927549pyk.1164272183640; Thu, 23 Nov 2006 00:56:23 -0800 (PST) Received: by 10.35.32.4 with HTTP; Thu, 23 Nov 2006 00:56:23 -0800 (PST) Message-ID: <2cd0a0da0611230056l15bfccaamb3ed3d439e2786b8@mail.gmail.com> Date: Thu, 23 Nov 2006 09:56:23 +0100 From: VeeJay To: "Jerry McAllister" In-Reply-To: <20061122163317.GC50939@gizmo.acns.msu.edu> MIME-Version: 1.0 References: <2cd0a0da0611211941iae07787q3f433fb2c8ab1f22@mail.gmail.com> <20061122163317.GC50939@gizmo.acns.msu.edu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: Password Security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Nov 2006 08:56:25 -0000 So, does it mean that Windows 2003 Server provides more Password Level Security with Unauthorized Access? And how can one into the System by booting from a CD if it still requires the Password even in Single User mode? On 11/22/06, Jerry McAllister wrote: > > On Wed, Nov 22, 2006 at 04:41:37AM +0100, VeeJay wrote: > > > Hi > > > > I need to secure my data and server. Any advice will be highly > appreciated. > > > > I am going to place my FreeBSD server at a shared place? > > > > I am just afraid that any unauthorized person might boot machine in > single > > user mode and steal the data? > > How can I make my Server secure that if if boots in single user mode, it > > still demands the password and without password one cannot do anything? > > or make it possible that booting in Single user mode, doesn't provide > any > > shell? > > Lock it in a box. Anyone who can put their hands physically can > get in to the machine with a little tinkering even if you disable > lots of software. > > I think you can get rid of the single user option in the boot, > but anyone with a CD can defeat that if they want to. It would > make things harder for yourself in managing the system, but it > would slow a person down from casual interference. > > Also, many machines have BIOS level boot passwords that can be turned > on. Using that would slow a person down, but be annoying for youself, > especially in times such as power failures - the system would not come > back up automatically without someone entering the BIOS password. > > Plus, if a person is determined enough, they can defeat that as well > by removing the battery backup for the MB or the flash memory. But, > it would stop casual tinkering. > > ////jerry > > > > > Thanks in advance > > > > -- > > > > BR / vj > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > -- Thanks! BR / vj