Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 23 Nov 2006 08:25:20 -0500
From:      Bill Moran <wmoran@collaborativefusion.com>
To:        VeeJay <maanjee@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Password Security
Message-ID:  <20061123082520.af5d4265.wmoran@collaborativefusion.com>
In-Reply-To: <2cd0a0da0611230056l15bfccaamb3ed3d439e2786b8@mail.gmail.com>
References:  <2cd0a0da0611211941iae07787q3f433fb2c8ab1f22@mail.gmail.com> <20061122163317.GC50939@gizmo.acns.msu.edu> <2cd0a0da0611230056l15bfccaamb3ed3d439e2786b8@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Thu, 23 Nov 2006 09:56:23 +0100
VeeJay <maanjee@gmail.com> wrote:

>  So, does it mean that Windows 2003 Server provides more Password Level
> Security with Unauthorized Access?

Where is this presumption coming from?  Windows OS suffer from the same difficulty
protecting from physical intrusion that any other OS does.

> And how can one into the System by booting from a CD if it still requires
> the Password even in Single User mode?
> 
> 
> 
> On 11/22/06, Jerry McAllister <jerrymc@msu.edu> wrote:
> >
> > On Wed, Nov 22, 2006 at 04:41:37AM +0100, VeeJay wrote:
> >
> > > Hi
> > >
> > > I need to secure my data and server. Any advice will be highly
> > appreciated.
> > >
> > > I am going to place my FreeBSD server at a shared place?
> > >
> > > I am just afraid that any unauthorized person might boot machine in
> > single
> > > user mode and steal the data?
> > > How can I make my Server secure that if if boots in single user mode, it
> > > still demands the password and without password one cannot do anything?
> > > or make it possible that booting in Single user mode, doesn't provide
> > any
> > > shell?
> >
> > Lock it in a box.   Anyone who can put their hands physically can
> > get in to the machine with a little tinkering even if you disable
> > lots of software.
> >
> > I think you can get rid of the single user option in the boot,
> > but anyone with a CD can defeat that if they want to.  It would
> > make things harder for yourself in managing the system, but it
> > would slow a person down from casual interference.
> >
> > Also, many machines have BIOS level boot passwords that can be turned
> > on.  Using that would slow a person down, but be annoying for youself,
> > especially in times such as power failures - the system would not come
> > back up automatically without someone entering the BIOS password.
> >
> > Plus, if a person is determined enough, they can defeat that as well
> > by removing the battery backup for the MB or the flash memory.   But,
> > it would stop casual tinkering.



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20061123082520.af5d4265.wmoran>