Linux root backdoor


X-Calibur
18th April 2003, 23:26
That may be of use when you lose your root password:


Forgetting the Root Password
Question:

I forgot my root password. What do I do?

Answer:

When the system comes to the LILO: prompt, type linux single.

When you get the # prompt you will need to type passwd root.

This will update the password to a newer one. At this point you can type shutdown -r now and the system should boot up normally. You can now use your new root password to gain root access.


If you are concerned about the security issues, here is a fix (http://www.bastille-linux.org/jay/anyone-with-a-screwdriver.html)

But remember, the safest machine is locked up in a safe, the power cord cut and with no iNet access. Pouring armed concrete around the safe will give you an extra security layer, but then again...

Hope this helps

X'

wylie
20th April 2003, 09:36
still seems a pretty major security issue.....allowing anyone who knows this trick the ability to change the root password by simply rebooting the computer?

MikeTimbers
20th April 2003, 09:45
No computer is secure if physical access is possible.

wylie
20th April 2003, 09:51
agreed, but when my computers got stolen from my alarmed, monitored, securely locked office I believed access to my confidential data was extremely difficult. Access is unlikely yes, but this little trick makes it a lot more possible than I realised.

Thanks for the fix X

phil
20th April 2003, 09:59
This has always been possible and is a "feature". Hell, if I stole your WinXP Pro box, all I'd have to do is put the HD in my system as a slave and boot from my own OS. Your HD will then show up on my box with full access to all your data.

Physically denying access to your machine is the single most important thing security wise.

X-Calibur
20th April 2003, 13:36
Originally posted by MikeTimbers
No computer is secure if physical access is possible.
True. Hence my allusion to pouring concrete around your computer.
As Phil says, this is not a bug or an exploit, it is a maintenance feature. It's like this on purpose. Actually, this was cut and pasted from the Red Hat FAQ...
But you can "turn off" this feature if you cannot guarantee unwanted physical access to your box.
Otherwise, encrypt private documents; it will take a lot more time to brute force those.
Same with NTFS partitions, they are only "secure" to Windows: pop in a Linux boot disk and mount the drive and voila, all is there, you can even happily send it to an ftp server anywhere...

X'

wylie
20th April 2003, 22:29
Originally posted by phil
This has always been possible and is a "feature". Hell, if I stole your WinXP Pro box, all I'd have to do is put the HD in my system as a slave and boot from my own OS. Your HD will then show up on my box with full access to all your data.

Physically denying access to your machine is the single most important thing security wise.

yes - but I am not running XP, and given this they don't even need to take the HD out of the machine!

this isn't a linux bash. Why do linux people always have to go "hey but windows does this and much worse" every time something comes up? windows is irrelevant in this instance.

phil
21st April 2003, 05:22
I wasn't bashing Windows, just pointing out that this sort of exploit is available on pretty much any OS as long as you have physical access to a machine/ HD. If you are that paranoid (and I know you are ;) ), fit removable HD caddies and physically remove the HD's and put them in a safe after leaving work. Or, you could even have a remote server in a secure room where all your important stuff is held. This should be done as part of any security plan as a matter of course. Relying on a thief not to take your entire machine but instead just sit there trying to guess a password is ridiculous. That only happens in the movies.

MikeTimbers
21st April 2003, 06:22
Quick dig at Unix compared to Windows NT.

Set your root password to "thegenomecollective" then login as root but only use the first 8 characters "thegenom".

In Windows NT-based systems the entire password is stored in the security SAM but in Unix, it only uses the first 8 characters of any password you enter.

zhotfire
21st April 2003, 06:56
Have you ever used the NT Password tool? Very slick! No need to take the machine ... ;)

phil
21st April 2003, 07:06
Originally posted by MikeTimbers
Quick dig at Unix compared to Windows NT.

Set your root password to "thegenomecollective" then login as root but only use the first 8 characters "thegenom".

In Windows NT-based systems the entire password is stored in the security SAM but in Unix, it only uses the first 8 characters of any password you enter.


Didn't work on my Linux box Mike. All my passwords are well over 8 chars and contain a mix of uppercase, lowercase and numbers/ symbols. Linux has no problem in handling large passwords.

wylie
21st April 2003, 07:16
Originally posted by phil
I. If you are that paranoid (and I know you are ;) ), fit removable HD caddies and physically remove the HD's and put them in a safe after leaving work. Or, you could even have a remote server in a secure room where all your important stuff is held. This should be done as part of any security plan as a matter of course.

:D :rofl:
the rest is of course good advice

X-Calibur
21st April 2003, 09:03
Originally posted by zhotfire
Have you ever used the NT Password tool? Very slick! No need to take the machine ... ;)

You mean this?: http://home.eunet.no/~pnordahl/ntpasswd/

MikeTimbers
21st April 2003, 10:19
Originally posted by phil
Didn't work on my Linux box Mike. All my passwords are well over 8 chars and contain a mix of uppercase, lowercase and numbers/ symbols. Linux has no problem in handling large passwords.


I did say Unix Phil, ;)

phil
21st April 2003, 11:34
Originally posted by MikeTimbers
I did say Unix Phil, ;)

:p :D

dnar
22nd April 2003, 20:25
Pretty much covered by Mike & Phil, but I'll add mine anyway.

If someone has physical access to the machines, you're rooted. I have Linux and SCO Unix boot floppies in my case; with those disks I can gain root access to all the machines in my physical domain. Why do I have these disks? For that reason.

I manage many SCO Unix boxen, and the vxfs filesystem is not gracious with black starts, unlike ext3/ReiserFS or XFS. SCO Unixware 2.1.x also hangs badly if the mildest problem occurs during boot (bloody dinosaur). Now if you're a serious bad-dude (tm) and want to rip precious data from these platforms, then you too will have root-n-boot disks in your top pocket. You can do the same with Windows BTW.

Ok, so you don't have physical access to the server, and the admin thinks he has you nailed. Not so. From any workstation you can obtain access to the "safe" data too. How? Same way. "Root" the workstation, check out the network mounts in /etc/fstab, manually mount the NFS shares, and voila, you're in... Maybe... It depends on the share permissions of the server shares and how the admin set up the mounts on the workstation(s). The share passwords may be clear text in /etc/fstab, or may be stashed in a hidden file and then linked to the mount entries in fstab. Either way, if you have root access to the WS you're screwed.

What now?

Ok, easy, we make the workstations un-rootable (tm). How do we do this? First you follow the simple steps outlined in the link X provided, so that single user mode still requires a password before providing access. Ah! But you can still root-n-boot the machine with a floppy! True.

Physically remove the floppy drive and floppy cable from the workstations. That'll stop 'em! No it won't. If they are serious, they will BYO floppy drive, but if that's the case, they are very determined, and have more time than the average "thief".

Bloody hell, I don't feel like my valuable MP3 collection in the office is safe anymore, what can I do now? Easy, encrypt your valuable data...

You can read more in my book "p43Rm314m133th4X0r". :) :) :)

Otherwise check the following:

http://www.yolinux.com/HOWTO/Security-HOWTO.html
http://www.securityportal.com/
http://www.linuxworld.com/linuxworld/lw-1999-05/lw-05-ramparts.html
http://www.linuxsecurity.com/
http://securityfocus.com/
http://www.boran.com/security/

I can highly recommend the following security measures and tools:

http://web.mit.edu/kerberos/www/
http://www.tripwiresecurity.com/
http://www.ssh.com/products/security/
http://www.openssh.org/
http://www.ciac.org/ciac/
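An added audit script, not part of this thread or of the Bastille page X-Calibur linked, for the single-user-mode fix that the first post and dnar's post both point to: given a lilo.conf and an inittab (the file names and the sample contents are assumptions constructed inline), it checks that LILO has a password with `restricted`, so that typing `linux single` at the LILO: prompt is challenged, that runlevel S runs sulogin, so the root password is still asked before a # prompt appears, and that lilo.conf, which then holds a clear-text password, is mode 600.

```shell
#!/bin/sh
# Assumed paths; the two config samples below are constructed, not copied
# from a real host. Run as-is to see a default and a hardened setup audited.

# LILO: 'password=' plus 'restricted' means the password is only demanded
# when extra parameters (e.g. "linux single") are typed at the prompt.
lilo_requires_password() {
  grep -Eq '^[[:space:]]*password[[:space:]]*=' "$1" || return 1
  grep -Eq '^[[:space:]]*restricted([[:space:]]|$)' "$1" || return 1
  # The password is clear text, so group/other permission bits must be empty (mode 600).
  [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}
# inittab: sulogin in runlevel S means single user mode still prompts for root's password.
inittab_runs_sulogin() {
  grep -Eq '^[^#]*:S:(wait|respawn):/sbin/sulogin' "$1"
}
# Prints PASS or FAIL for a lilo.conf / inittab pair and returns the matching status.
audit_single_user() {
  if lilo_requires_password "$1" && inittab_runs_sulogin "$2"; then
    echo PASS
  else
    echo FAIL
    return 1
  fi
}

# Constructed samples: a default-looking lilo.conf and a hardened one.
work="$(mktemp -d)"
cat > "$work/lilo.weak" <<'EOF'
boot=/dev/hda
prompt
image=/vmlinuz
    label=linux
EOF
cat > "$work/lilo.hard" <<'EOF'
boot=/dev/hda
prompt
restricted
password=PLACEHOLDER-set-your-own
image=/vmlinuz
    label=linux
EOF
chmod 600 "$work/lilo.hard"
printf '%s\n' 'id:3:initdefault:' > "$work/inittab.weak"
printf '%s\n' 'id:3:initdefault:' '~~:S:wait:/sbin/sulogin' > "$work/inittab.hard"
echo "default : $(audit_single_user "$work/lilo.weak" "$work/inittab.weak")"
echo "hardened: $(audit_single_user "$work/lilo.hard" "$work/inittab.hard")"
```

After editing lilo.conf the change only takes effect once /sbin/lilo has been re-run; a LILO password does nothing against booting from a floppy or CD, which is why dnar's post moves on to removing drives and encrypting data.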

X-Calibur
22nd April 2003, 21:14
Man, my Linux Bookmark folder is so fat, I will need a new disk just for the /my document folder.... well, of course I save my pr0n there too why?

dnar
22nd April 2003, 21:16
You can use my personal bookmarks if you like, I push it to my host regularly, so I have access to it from anywhere in the world.

http://dnaresearch.com.au/portal.shtml

X-Calibur
22nd April 2003, 21:35
What are THOSE????: http://w0.bonus.com/bonus/registration/images/please/2.gif

dnar
22nd April 2003, 22:16
They are the kids', honest, I swear!


:baa: :baa: :baa: :baa: :baa:

zhotfire
27th April 2003, 04:30
Originally posted by X-Calibur
You mean this?: http://home.eunet.no/~pnordahl/ntpasswd/
Got mine from a different source.... but you've got the idea! ;)
Don't ask Wayne about the "bad dude" boot disks unless you're really serious about it... you may find yourself working for the wrong company! :D