Re: root password forgotten

To: Debian users mailinglist <debian-user@lists.debian.org>
Subject: Re: root password forgotten
From: Dave Sherohman <esper@sherohman.org>
Date: Sat, 26 Jan 2002 09:54:17 -0600
Message-id: <[🔎] 20020126095417.B26657@sherohman.org>
Mail-followup-to: Dave Sherohman <esper@sherohman.org>, Debian users mailinglist <debian-user@lists.debian.org>
In-reply-to: <[🔎] 1012017885.1204.7.camel@wien>; from nozone@sbox.tugraz.at on Sat, Jan 26, 2002 at 05:04:45AM +0100
References: <[🔎] XFMail.20020125180315.shalehperry@attbi.com> <[🔎] 1012017885.1204.7.camel@wien>

On Sat, Jan 26, 2002 at 05:04:45AM +0100, Andreas Leitner wrote:
> On every standard Debian install, anybody can gain the root password
> within minutes (given the attacker has phyiscal access to the box):

As others have said, if an attacker has unrestricted physical access
to the machine, he has already won.  Period.

> 1) Issue "linux init=/bin/sh" on the lilo promt
> 2) Use john to crack the root password
> 
> Should be pretty transparent and thus hard to trace...

Neither john nor any other brute-force tool is likely to find any of
my root passwords in a reasonable amount of time, if ever.  Now, an
attacker could certainly edit /etc/shadow to reset the root password,
but that's pretty easily detectable.

-- 
When we reduce our own liberties to stop terrorism, the terrorists
have already won. - reverius

Innocence is no protection when governments go bad. - Tom Swiss

Reply to:

References:
- Re: root password forgotten
  - From: "Sean 'Shaleh' Perry" <shalehperry@attbi.com>
- Re: root password forgotten
  - From: Andreas Leitner <nozone@sbox.tugraz.at>

Prev by Date: Re: installing from floppies
Next by Date: Re: "RPM hell" question
Previous by thread: Re: root password forgotten
Next by thread: Re: root password forgotten
Index(es):
- Date
- Thread