Re: Securing Debian Manual: 3.1 Choose a BIOS password
On Thu, Mar 08, 2012 at 04:46:24PM +0300, Stayvoid wrote:
> Hello.
>
> "Before you install any operating system on your computer, set up a
> BIOS password. After installation (once you have enabled bootup from
> the hard disk) you should go back to the BIOS and change the boot
> sequence to disable booting from floppy, CD-ROM and other devices that
> shouldn't boot. Otherwise a cracker only needs physical access and a
> boot disk to access your entire system." [1]
> Is there a way to prevent such actions while using a VPS?
>
> I won't have a physical access to the machine.
> Is there a need to set a BIOS password for a VPS? (I've never used a
> VPS, but someone told me that it's possible for some of them.) I've
> been told that it's not necessary because if someone reboot the
> machine I'll have no chance to enter the password.
>
> [1] http://www.debian.org/doc/manuals/securing-debian-howto/ch3.en.html
>
> Cheers
>
> P.S. Sorry for those who already seen this post.
If you don't have physical access to the computer, there is very little
you can do to fully secure it (at least to the extent that you seem to
want to do). How do you plan to stop someone taking the top off and
attaching a logic analyser to it? How do you plan to stop someone simply
creating a DoS by forcibly inserting a foreign object (e.g. hitting the
computer with an axe)?
I'm not saying securing Debian won't help, but work out what you're
securing it FROM.
--
Darac Marjal
Reply to: