Re: Hardware advice: seeking echoes of running Linux-PC clusters
Don Gaffney wrote:
> On Tue, 30 Apr 1996, Neil Turton wrote:
>
>> Lukas Nellen <lukas@teorica0.ifisicacu.unam.mx> wrote:
>>> From the point of view of security, do you really need a diskless
>>> system? If you set a bios password, set the bios to boot only from C
>>> and make sure that a password is required to enter single user mode,
>>> wouldn't that be just as secure? Or is there a loophole which I
>>> missed (not having tried this type of setup)?
> There are programs available on the net which will cause a BIOS checksum
> error. At bootup this error will allow the intruder into the BIOS setup
> without a password (BIOS defaults are taken).
How do you run these programs under Debian?
> The intruder can then boot off of a floppy and access the machine regardless
> of any OS security. NT, which is heralded as "C2 secure", and its NTFS
> file systems are just as susceptible as any Linux or DOS/Windows box.
> If you can't secure the machine, you can't secure the system. You can
> still secure information through encryption however.
As long as you've secured the keys as well.
Jay Carlson
nop@nop.com nop@ccs.neu.edu nop@kagoona.mitre.org
Flat text is just *never* what you want. ---stephen p spackman
Reply to: