[sllug-members]: Security Question: To password protect GRUB
or not?
Knight Walker
kwalker at kobran.org
Wed Aug 2 11:30:28 MDT 2006
On Wed, 2006-08-02 at 11:02 -0600, Evan Dillon wrote:
> I understand that physical security is compromised when bios and grub
> passwords are not used, but is remote security compromised in any way?
When physical security is compromised, EVERYTHING is compromised. If
someone has physical access to a server, they can do anything their
little black hearts desire and can come up with (So long as they can
figure out how to do it). They can read logs to find out where remote
connections are coming from / going to, they can install sniffers,
loggers, back doors, etc.
But all this is predicated on Bad Guys(tm) getting physical access to a
server. If they have physical access, they can nuke/reflash/reset the
BIOS, yank the hard drive (Bypassing GRUB and anything else short of
STRONG on-disk encryption), etc.
-KW
More information about the sllug-members
mailing list