From owner-freebsd-questions@FreeBSD.ORG Thu Nov 23 15:40:57 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 56B4116A47E for ; Thu, 23 Nov 2006 15:40:57 +0000 (UTC) (envelope-from jerrymc@gizmo.acns.msu.edu) Received: from gizmo.acns.msu.edu (gizmo.acns.msu.edu [35.8.1.43]) by mx1.FreeBSD.org (Postfix) with ESMTP id 29FBA43D7B for ; Thu, 23 Nov 2006 15:40:19 +0000 (GMT) (envelope-from jerrymc@gizmo.acns.msu.edu) Received: from gizmo.acns.msu.edu (localhost [127.0.0.1]) by gizmo.acns.msu.edu (8.13.6/8.13.6) with ESMTP id kANFd9de056477; Thu, 23 Nov 2006 10:39:09 -0500 (EST) (envelope-from jerrymc@gizmo.acns.msu.edu) Received: (from jerrymc@localhost) by gizmo.acns.msu.edu (8.13.6/8.13.6/Submit) id kANFd90Y056476; Thu, 23 Nov 2006 10:39:09 -0500 (EST) (envelope-from jerrymc) Date: Thu, 23 Nov 2006 10:39:09 -0500 From: Jerry McAllister To: VeeJay Message-ID: <20061123153909.GA56451@gizmo.acns.msu.edu> References: <2cd0a0da0611211941iae07787q3f433fb2c8ab1f22@mail.gmail.com> <20061122163317.GC50939@gizmo.acns.msu.edu> <2cd0a0da0611230056l15bfccaamb3ed3d439e2786b8@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2cd0a0da0611230056l15bfccaamb3ed3d439e2786b8@mail.gmail.com> User-Agent: Mutt/1.4.2.2i Cc: freebsd-questions@freebsd.org Subject: Re: Password Security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Nov 2006 15:40:57 -0000 On Thu, Nov 23, 2006 at 09:56:23AM +0100, VeeJay wrote: > So, does it mean that Windows 2003 Server provides more Password Level > Security with Unauthorized Access? > > And how can one into the System by booting from a CD if it still requires > the Password even in Single User mode? You just go to fixit mode - where you are running from the CD and not the installed OS and then rewrite any file that limits your access and then reboot again. ////jerry > > > > On 11/22/06, Jerry McAllister wrote: > > > >On Wed, Nov 22, 2006 at 04:41:37AM +0100, VeeJay wrote: > > > >> Hi > >> > >> I need to secure my data and server. Any advice will be highly > >appreciated. > >> > >> I am going to place my FreeBSD server at a shared place? > >> > >> I am just afraid that any unauthorized person might boot machine in > >single > >> user mode and steal the data? > >> How can I make my Server secure that if if boots in single user mode, it > >> still demands the password and without password one cannot do anything? > >> or make it possible that booting in Single user mode, doesn't provide > >any > >> shell? > > > >Lock it in a box. Anyone who can put their hands physically can > >get in to the machine with a little tinkering even if you disable > >lots of software. > > > >I think you can get rid of the single user option in the boot, > >but anyone with a CD can defeat that if they want to. It would > >make things harder for yourself in managing the system, but it > >would slow a person down from casual interference. > > > >Also, many machines have BIOS level boot passwords that can be turned > >on. Using that would slow a person down, but be annoying for youself, > >especially in times such as power failures - the system would not come > >back up automatically without someone entering the BIOS password. > > > >Plus, if a person is determined enough, they can defeat that as well > >by removing the battery backup for the MB or the flash memory. But, > >it would stop casual tinkering. > > > >////jerry > > > >> > >> Thanks in advance > >> > >> -- > >> > >> BR / vj > >> _______________________________________________ > >> freebsd-questions@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >> To unsubscribe, send any mail to " > >freebsd-questions-unsubscribe@freebsd.org" > > > > > > -- > Thanks! > > BR / vj