Re: Problems with root on network clients
... verify the recipient Luke before pressing the "send" button ;-)
> as long as the server machines resides in a _really_
> restricted area (e.g. a machine room which may by
> physically accessed only by trusted staff members)
> You may have the chance to securly detect any physical
> intrusion to the exposed clients.
> You may use a network boot server, suppling each client
> the / and /etc directory. They may reside on a clients
> ramdisk or overwriteable hard-disk partition.
> Require the clients to do their IP configuration via
> DHCP or BOOTP, and if security is really a concern
> ensure that the server supervise the reachability of
> each client (e.g. ping each machine every 10 seconds)
> and set them on a deny list (e.g. ipchains/iptables input
> queue), if they don`t answer.
> So since rebooting manually, requires time (more than 10 seconds)
> the physical intusion gets dectected and the offending
> machine gets banned from further access to (any, when
> get informed) other server or client on your local network.
> hope this helps, yours